Python Fernet with Code Examples
Python has been one of the most popular programming languages for several years now. It is preferred by developers for its readability, versatility, and simplicity. One such feature that makes Python very secure is the cryptography library. It provides various cryptographic services to secure data.
Fernet is a part of the cryptography library in Python. It is a symmetric encryption algorithm that uses Advanced Encryption Standard (AES) in cipher block chaining (CBC) mode to secure data.
In this article, we will learn about Fernet, how it works, and its implementation with Python code examples.
What is Fernet?
Fernet is a stringtostring symmetric encryption algorithm that ensures confidentiality, integrity, and authenticity of data. It is built on top of AES in CBC mode, HMAC with SHA256 for authentication, and PKCS7 for padding. Fernet was created by developers at Dropbox to provide a secure way to store and transmit data over their servers.
Each time Fernet encrypts a message, it uses a random 256bit key to encrypt the message. This key is known as the Fernet key. It is used to encrypt and decrypt the message. Fernet keys can only be generated randomly and cannot be derived from other keys.
Fernet uses a Base64 encoded version of the ciphertext, along with a timestamp and a SHA256 HMAC hash to ensure authenticity. The timestamp is also used to expire messages that are no longer needed.
How Fernet Works?
Fernet encryption and decryption work as follows:
Encryption:
 A message is passed to Fernet for encryption.
 A new random 256bit key is generated. This key is known as the Fernet key.
 The message is encrypted using the Fernet key and AES in CBC mode.
 The current timestamp is added to the encrypted message.
 A SHA256 HMAC hash of the message (including the timestamp) is generated.
 The HMAC hash is added to the message.
 The entire message (ciphertext + timestamp + HMAC hash) is Base64 encoded.
 The final encrypted message is returned.
Decryption:
 An encrypted message is passed to Fernet for decryption.
 The message is Base64 decoded to its original form.
 The first 8 bytes of the message represent the timestamp. If the message has expired, an exception is raised.
 The next 32 bytes of the message represent the SHA256 HMAC hash of the message.
 The remaining bytes of the message represent the ciphertext.
 The SHA256 HMAC hash of the message (including the timestamp) is generated.
 If the HMAC hash generated in step 6 does not match the HMAC hash in the message, an exception is raised.
 The ciphertext is decrypted using the Fernet key and AES in CBC mode.
 The original message is returned.
Now letâ€™s see how we can implement Fernet with Python.
Implementation
Fernet can be easily implemented in Python with the help of the cryptography library.
Before we begin, we need to install the cryptography library. To do so, open the Command Prompt or Terminal and run the following command:
pip install cryptography
Once the cryptography library is installed, we can start implementing Fernet with Python.
Encryption
To encrypt a message using Fernet, we first need to import the Fernet class from the cryptography.fernet module.
from cryptography.fernet import Fernet
We then generate a new Fernet key using the Fernet.generate_key() method. This method returns a random 32byte (256bit) key.
key = Fernet.generate_key()
Once we have the key, we can create a Fernet object using the key.
fernet = Fernet(key)
Now we can encrypt our message using the fernet.encrypt() method.
message = b'This is a message'
encrypted_message = fernet.encrypt(message)
The encrypted_message is our final encrypted message. It contains the Base64 encoded ciphertext, a timestamp, and a SHA256 HMAC hash.
Decryption
To decrypt a message using Fernet, we first need to import the Fernet class from the cryptography.fernet module.
from cryptography.fernet import Fernet
We then create a Fernet object using the Fernet key.
key = b'abcdefghijklmnopqrstuvwxyz123456'
fernet = Fernet(key)
Now we can decrypt our message using the fernet.decrypt() method.
encrypted_message = b'gAAAAABfK3KZKI1pxlMqOB4fwG1iueLl3CqgJ_Z49D7LccR5c1HU6PiXONLUP_1FZUvTFv7_y8kXglPFkW1FvskPTpiVXhy_uA2Gk5XG_2NNHQM3kKoacw82OZK9PyZ_LZ6tQFnNxC9ZQmDrYn4bRklNhiaJJD4Yw0=='
decrypted_message = fernet.decrypt(encrypted_message)
The decrypted_message is our original message. It is the same message that we encrypted earlier.
Conclusion
Fernet is a powerful encryption algorithm that provides strong security to data. It is easy to implement with Python, and it is based on widely used standards such as AES and HMAC. Fernet can be used to encrypt and decrypt sensitive data such as passwords, financial data, and personal information.
In this article, we have learned about Fernet, how it works, and its implementation with Python code examples. We hope that this article has helped you understand Fernet and how it can be used to secure your data. If you have any questions or feedback, feel free to leave a comment below.
here are some more details about the topics covered in the previous article:
 Python:
Python is a highlevel, interpreted programming language. It is easy to learn and read because of its simple syntax and structure. It was first released in 1991 by Guido van Rossum. Python is widely used for web development, scientific computing, data analysis, artificial intelligence, and machine learning.
Python has several libraries and modules that make programming easier and faster. One such library is the cryptography library, which is used for cryptography services such as encryption and decryption.
 Cryptography:
Cryptography is the practice of secure communication in the presence of third parties. It involves the principles of encryption, decryption, hashing, and digital signatures. Cryptography helps in securing the data in transit and at rest.
Cryptography has several types of encryption algorithms, such as symmetrickey encryption, asymmetrickey encryption, and hash functions. Fernet encryption is a part of the symmetrickey encryption algorithm.
 Fernet:
Fernet is a stringtostring symmetric encryption algorithm that ensures confidentiality, integrity, and authenticity of data. It was developed by Dropbox developers in 2013. Fernet uses Advanced Encryption Standard (AES) in CBC mode, HMAC with SHA256 for authentication, and PKCS7 for padding. Fernet provides a secure way to store and transmit data over the servers.
Fernet uses a random 256bit key to encrypt and decrypt the message. This key is known as the Fernet key. Fernet keys can only be generated randomly and cannot be derived from other keys.
 Implementation:
Python provides the cryptography library for implementing Fernet encryption and decryption. Fernet can be implemented in Python by importing the Fernet class from the cryptography.fernet module.
To encrypt a message using Fernet, we need to generate a Fernet key, create a Fernet object using the key, and encrypt the message using the fernet.encrypt() method.
To decrypt a message using Fernet, we need to create a Fernet object using the Fernet key, and decrypt the message using the fernet.decrypt() method.
 Conclusion:
Fernet encryption is a powerful encryption algorithm that provides strong security to data. It is easy to implement with Python, and it is based on widely used standards such as AES and HMAC. Fernet can be used to encrypt and decrypt sensitive data such as passwords, financial data, and personal information.
In summary, Python Fernet encryption is an effective way to secure data. It is easy to implement and uses widely used standards to ensure data security. Fernet encryption can be used for a wide range of scenarios, such as password storage, data transmission, and personal information protection.
Popular questions

What is Fernet Encryption in Python?
Fernet encryption is a form of symmetric encryption that uses the Advanced Encryption Standard (AES) in Cipherblock Chaining (CBC) mode, along with HMAC with SHA256 for authentication and PKCS7 padding. 
How is Fernet Encryption different from other types of encryption?
Fernet encryption is a symmetric encryption algorithm that uses the same key for encrypting and decrypting the data. This is different from asymmetric encryption which uses a public and private key pair for encryption and decryption. 
How can Fernet Encryption be implemented in Python?
Fernet encryption can be implemented in Python using the cryptography library. We can import the Fernet class from the cryptography.fernet module, generate a Fernet key, create a Fernet object using the key, and then use the encrypt() and decrypt() methods to encrypt and decrypt messages. 
What is a Fernet key in Python?
A Fernet key is a random 256bit key that is used for encrypting and decrypting messages with Fernet encryption. Fernet keys cannot be derived from other keys and can only be generated randomly. 
What are the advantages of Fernet Encryption in Python?
Fernet encryption provides confidentiality, authenticity, and integrity of data. It is easy to implement in Python and provides strong data security. It is ideal for securing data such as passwords, financial information, and personal data.
Tag
Crypto