SECURING DATA EXCHANGE CHANNELS BETWEEN PYTHON APPLICATIONS USING CRYPTOGRAPHIC LIBRARIES

Bibliographic details
Published in: Terra security, Vol. 1, No. 2, pp. 39-46
Main author: Kovalov, Pavlo
Format: Journal Article
Language: English
Published: 26.09.2025
ISSN: 3083-6298, 3083-6328
Online access: Full text
Description
Summary: Topicality. The increasing reliance on distributed applications highlights the urgent need for secure data exchange channels between software components. Without appropriate protection, communication is exposed to threats such as eavesdropping, spoofing, tampering, and replay attacks. The subject of study in the article is the use of Python’s cryptographic libraries (cryptography, PyNaCl) for constructing lightweight yet robust security layers on top of existing communication mechanisms. The purpose of the article is to present a practical and reproducible method for securing message flows by combining symmetric encryption (AES-GCM), ephemeral key exchange (X25519), key derivation (HKDF with SHA-256), and digital signatures (Ed25519). The following results were obtained. The proposed model integrates authenticated encryption with associated data (AEAD) and session counters to mitigate replay risks, while maintaining compatibility with various transports such as HTTP, gRPC, and MQTT. The study provides minimal, clear code examples and performance measurements showing that the system achieves encryption and decryption in less than one millisecond for typical payloads, with key exchange and signature operations adding only a few milliseconds. These results demonstrate that strong cryptographic protection can be achieved without significant performance penalties. Conclusion. The findings confirm the suitability of the proposed scheme for real-time distributed systems, microservices, and IoT environments. Future improvements may include post-quantum cryptography integration and automated key management.
DOI: 10.20998/3083-6298.2025.02.05