-2

I want to generate consistent encryption results for the same msg every time. Currently, I am getting different encryption results.

I am doing something like this

from cryptography.fernet import Fernet

key = Fernet.generate_key()
f = Fernet(key)
token = f.encrypt(b"A really secret message. Not for prying eyes.")
print(token)

# b'gAAAAABfh2ghAoFbQ_MUqdTAs7n__Pz2cOkDeYuMbDOGFa6NSL3Ld_seLIPOs4ztvTW888Y_1CSrFlk_mioSe-rP5TVhFXFfwHYTiLQ4ldTlttXWwoACQhjsMR5vPEWQcEj_5oEWmciV'

token = f.encrypt(b"A really secret message. Not for prying eyes.")
print(token)

# b'gAAAAABfh2gh56xzic644KRb0MEXuttUAEtFGH3ewdblPK40biRuZ7iQcGBVQ4XT9uLrFFSHsiWl9Tdyl2TAyzGwMqHFUcrA0ZO4qqTTKp364UY6tcwcnF2JSLc0hGPjcX5bqD5Ghpn0'

token = f.encrypt(b"A really secret message. Not for prying eyes.")
print(token)

# b'gAAAAABfh2gho82P0yCC9KagQnLO0QrPm2sQBcWeiVFx45IP2IZlTyB0bfZPubu1NAYZ1aQ6S4DoASU7vMqzrd8Bbe9hicFjXwPSBKMzVWkf_BLZZNqoB4EdeOE0x5NQGB-aEctzPfEZ'

I expect every time the input string is the same token, the result should be the same. Also, if there is a better and easier plugin, kindly recommend.

Gino Mempin
  • 25,369
  • 29
  • 96
  • 135
TNN
  • 391
  • 1
  • 5
  • 12
  • 1
    Please add all relevant `import` statements and the printouts. – DYZ Oct 14 '20 at 21:07
  • 1
    It’s a common requirement for encryption that the result _isn’t_ always the same for the same input. Some nonsense to do with security, allegedly. So maybe you need to use a considerably less secure scheme, perhaps what might technically be called _encoding_ but please don’t describe/claim this as encryption because it isn’t. – DisappointedByUnaccountableMod Oct 14 '20 at 21:18
  • @barny maybe you are right but at this time I need same result for same string always , In mysql a thing salt is used . – TNN Oct 14 '20 at 21:21
  • 1
    I hope this isn’t for passwords on any service I use. – DisappointedByUnaccountableMod Oct 14 '20 at 21:22
  • 1
    @barny I just want to keep a simple string encrypted and then compare with new coming string . – TNN Oct 14 '20 at 21:25
  • 2
    Use one-way hashing and then compare with the same hash of the new coming string - no need to ever decode - and this still/also isn’t encryption because the hash isn’t reversible (by definition, that’s what a hash does) – DisappointedByUnaccountableMod Oct 14 '20 at 21:27
  • @barny but I need original text back aswell – TNN Oct 14 '20 at 21:30

1 Answers1

-1

Not all tokens have to be the same because Fernet's encrypt module's code is:

def encrypt(self, data):
    return self.encrypt_at_time(data, int(time.time()))

in fernet.py

It means encryption depends on time. Therefore tokens are different from each other.

  • So Can You please give any other solution ? – TNN Oct 14 '20 at 21:20
  • 3
    Can you ask yourself is it really necessary to keep tokens same. Because if you do that, what you're doing is encoding, not encryption. –  Oct 14 '20 at 21:26
  • then kindly recommend something scenario is " I want to encrypt email address , and after that when user enter email and password he should logged in , but in case of encryption its not getting logged in. so thats why I want to keep result same to compare it in database – TNN Oct 14 '20 at 21:29
  • 1
    Consider comparing hashes. It is hard to turn back to real email address. This might be helpful. https://stackoverflow.com/questions/260236/mysql-hashing-function-implementation –  Oct 14 '20 at 21:35
  • 1
    This answer is misleading, the fact that they are generated at a different time is not why the cypher texts are different. You can see it for yourself by generating them with the same `current_time` parameter. – Lucas Sousa Jan 25 '22 at 17:27