SECURING DATA EXCHANGE CHANNELS BETWEEN PYTHON APPLICATIONS USING CRYPTOGRAPHIC LIBRARIES

Topicality. The increasing reliance on distributed applications highlights the urgent need for secure data exchange channels between software components. Without appropriate protection, communication is exposed to threats such as eavesdropping, spoofing, tampering, and replay attacks. The subject of...

Ausführliche Beschreibung

Gespeichert in:
Bibliographische Detailangaben
Veröffentlicht in:Terra security Jg. 1; H. 2; S. 39 - 46
1. Verfasser: Kovalov, Pavlo
Format: Journal Article
Sprache:Englisch
Veröffentlicht: 26.09.2025
ISSN:3083-6298, 3083-6328
Online-Zugang:Volltext
Tags: Tag hinzufügen
Keine Tags, Fügen Sie den ersten Tag hinzu!
Abstract Topicality. The increasing reliance on distributed applications highlights the urgent need for secure data exchange channels between software components. Without appropriate protection, communication is exposed to threats such as eavesdropping, spoofing, tampering, and replay attacks. The subject of study in the article is the use of Python’s cryptographic libraries (cryptography, PyNaCl) for constructing lightweight yet robust security layers on top of existing communication mechanisms. The purpose of the article is to present a practical and reproducible method for securing message flows by combining symmetric encryption (AES-GCM), ephemeral key exchange (X25519), key derivation (HKDF with SHA-256), and digital signatures (Ed25519). The following results were obtained. The proposed model integrates authenticated encryption with associated data (AEAD) and session counters to mitigate replay risks, while maintaining compatibility with various transports such as HTTP, gRPC, and MQTT. The study provides minimal, clear code examples and performance measurements showing that the system achieves encryption and decryption in less than one millisecond for typical payloads, with key exchange and signature operations adding only a few milliseconds. These results demonstrate that strong cryptographic protection can be achieved without significant performance penalties. Conclusion. The findings confirm the suitability of the proposed scheme for real-time distributed systems, microservices, and IoT environments. Future improvements may include post-quantum cryptography integration and automated key management.
AbstractList Topicality. The increasing reliance on distributed applications highlights the urgent need for secure data exchange channels between software components. Without appropriate protection, communication is exposed to threats such as eavesdropping, spoofing, tampering, and replay attacks. The subject of study in the article is the use of Python’s cryptographic libraries (cryptography, PyNaCl) for constructing lightweight yet robust security layers on top of existing communication mechanisms. The purpose of the article is to present a practical and reproducible method for securing message flows by combining symmetric encryption (AES-GCM), ephemeral key exchange (X25519), key derivation (HKDF with SHA-256), and digital signatures (Ed25519). The following results were obtained. The proposed model integrates authenticated encryption with associated data (AEAD) and session counters to mitigate replay risks, while maintaining compatibility with various transports such as HTTP, gRPC, and MQTT. The study provides minimal, clear code examples and performance measurements showing that the system achieves encryption and decryption in less than one millisecond for typical payloads, with key exchange and signature operations adding only a few milliseconds. These results demonstrate that strong cryptographic protection can be achieved without significant performance penalties. Conclusion. The findings confirm the suitability of the proposed scheme for real-time distributed systems, microservices, and IoT environments. Future improvements may include post-quantum cryptography integration and automated key management.
Author Kovalov, Pavlo
Author_xml – sequence: 1
  givenname: Pavlo
  orcidid: 0009-0002-6952-8236
  surname: Kovalov
  fullname: Kovalov, Pavlo
BookMark eNo1UNtqg0AUXEoKTdN8QmF_QLvuOavu48ZuVRAVNbQ-LV4h0CZFn_r31aR9mjnDnIGZR7I5X84DIc8OszmT0n8B5oPlcukvNxc24zYTd2R7k4H7m3--WB7Ifp5PLXMdB9CVbEvqUgfHIk5D-qoqRfVHEKk01HSFVCclPejqXeuU5nUVZSlVeZ7EgariLC3psVwfg6LOqywsVB7FAU3iQ6GKWJdP5H5sPudh_4c7Ur7pKoisJAuXhMTqJAhLDIiyQyFGD8eG9Yiib3q_9QQiQs-7cUQmW2yF4F7TAUDLWxelCx30A4cdEbfUbrrM8zSM5ns6fTXTj3GYuQ5k1vZmbW_WgQzjhgn4BbxBUs0
ContentType Journal Article
DBID AAYXX
CITATION
DOI 10.20998/3083-6298.2025.02.05
DatabaseName CrossRef
DatabaseTitle CrossRef
DatabaseTitleList CrossRef
DeliveryMethod fulltext_linktorsrc
EISSN 3083-6328
EndPage 46
ExternalDocumentID 10_20998_3083_6298_2025_02_05
GroupedDBID AAYXX
CITATION
M~E
ID FETCH-LOGICAL-c935-5e449c455f74fa0d445dad8b754443d2cff409b4b5527ac333b2b64963c3de23
ISSN 3083-6298
IngestDate Thu Oct 02 04:21:59 EDT 2025
IsDoiOpenAccess false
IsOpenAccess true
IsPeerReviewed false
IsScholarly false
Issue 2
Language English
LinkModel OpenURL
MergedId FETCHMERGED-LOGICAL-c935-5e449c455f74fa0d445dad8b754443d2cff409b4b5527ac333b2b64963c3de23
ORCID 0009-0002-6952-8236
OpenAccessLink https://ts.khpi.edu.ua/article/download/339567/327739
PageCount 8
ParticipantIDs crossref_primary_10_20998_3083_6298_2025_02_05
PublicationCentury 2000
PublicationDate 2025-09-26
PublicationDateYYYYMMDD 2025-09-26
PublicationDate_xml – month: 09
  year: 2025
  text: 2025-09-26
  day: 26
PublicationDecade 2020
PublicationTitle Terra security
PublicationYear 2025
SSID ssib061134690
Score 1.9228256
Snippet Topicality. The increasing reliance on distributed applications highlights the urgent need for secure data exchange channels between software components....
SourceID crossref
SourceType Index Database
StartPage 39
Title SECURING DATA EXCHANGE CHANNELS BETWEEN PYTHON APPLICATIONS USING CRYPTOGRAPHIC LIBRARIES
Volume 1
hasFullText 1
inHoldings 1
isFullTextHit
isPrint
journalDatabaseRights – providerCode: PRVHPJ
  databaseName: ROAD: Directory of Open Access Scholarly Resources
  customDbUrl:
  eissn: 3083-6328
  dateEnd: 99991231
  omitProxy: false
  ssIdentifier: ssib061134690
  issn: 3083-6298
  databaseCode: M~E
  dateStart: 20250101
  isFulltext: true
  titleUrlDefault: https://road.issn.org
  providerName: ISSN International Centre
link http://cvtisr.summon.serialssolutions.com/2.0.0/link/0/eLvHCXMwtZ1Lj9MwEIAttHDggkCAeMsHblFK40cex2wxLdKSjdog2lMUPyKthNJVu1vtaX87njhJwwoh9sAliSxl7OSzxuPHzCD0UYVhpZK69iMTEZ9JTf2YKOYTGcCuFbPQXbKJKMvi9TrJO3fFfZtOIGqa-OYmufyvqG2ZhQ2us_fAPQi1BfbZQrdXi91e_wn8Ssy-wxEH73NapJ5YzxZpNhce3DJxtvJORfFDiMzLN8XiPPPSPD96E0MSjrk3W27y4ny-TPOFZXT29XSZLnursbNjC7PbVd6-S343aO2t_ZDtwVmmh5_b8ZIC4XD-wfmtO81DrV3mh8Slh56YURntPLl71TnqIWSkBl18om5AdUuMd1U1uOyC_8FQ1wRa0sZP5cexqd-PvzNkDQcJ7RSmFVSCmBLElCCmnJISAts-JBFP4KDft1vRa5kwCCisCUD6ur5u59rVSvr0pwaNjJaR9VE8RU-6aQNOHe5n6IFpnqNNjxoDatyjxj1q3KHGDjUeo8YtavwbajygfoFWX0QxW_hdqgxfJZT73DCWKMZ5HbG6mmrGuK50LCG6IaOaqLq283jJJMTbqxSlVBIZMqt8FdWG0JfopNk25hXCgYo02KSSxAEjcloZlXCt4qk2iVIyeo0m_Z8oL108lPKvEN7c94W36PGxT75DJ1e7a_MePVKHq4v97kOL8heDIkUQ
linkProvider ISSN International Centre
openUrl ctx_ver=Z39.88-2004&ctx_enc=info%3Aofi%2Fenc%3AUTF-8&rfr_id=info%3Asid%2Fsummon.serialssolutions.com&rft_val_fmt=info%3Aofi%2Ffmt%3Akev%3Amtx%3Ajournal&rft.genre=article&rft.atitle=SECURING+DATA+EXCHANGE+CHANNELS+BETWEEN+PYTHON+APPLICATIONS+USING+CRYPTOGRAPHIC+LIBRARIES&rft.jtitle=Terra+security&rft.au=Kovalov%2C+Pavlo&rft.date=2025-09-26&rft.issn=3083-6298&rft.eissn=3083-6328&rft.volume=1&rft.issue=2&rft.spage=39&rft.epage=46&rft_id=info:doi/10.20998%2F3083-6298.2025.02.05&rft.externalDBID=n%2Fa&rft.externalDocID=10_20998_3083_6298_2025_02_05
thumbnail_l http://covers-cdn.summon.serialssolutions.com/index.aspx?isbn=/lc.gif&issn=3083-6298&client=summon
thumbnail_m http://covers-cdn.summon.serialssolutions.com/index.aspx?isbn=/mc.gif&issn=3083-6298&client=summon
thumbnail_s http://covers-cdn.summon.serialssolutions.com/index.aspx?isbn=/sc.gif&issn=3083-6298&client=summon