Pseudonymization with keyed-hash function in Python and AWS

Table of Contents

Step 1: AWS KMS

Navigate to https://console.aws.amazon.com/kms/ and click Create a key button:

Step 2: AWS Secrets Manager

Navigate to https://console.aws.amazon.com/secretsmanager/ and click Store a new secret button:

Step 3: Python

Pseudonymize ruslan@korniichuk.com e-mail address with keyed-hash function in Python.

import hashlib
import json
import boto3
email = 'ruslan@korniichuk.com'
secretsmanager = boto3.client('secretsmanager')
response = secretsmanager.get_secret_value(SecretId='Medium')
secret_string = response['SecretString']
hash_key = json.loads(secret_string)['hash_key']
sha3 = hashlib.sha3_512()
data = email + hash_key
sha3.update(data.encode('utf-8'))
digest = sha3.hexdigest()
print(digest)
'fab8b7051dfe55b84c702e24611b2bd7e4564f217eb43deb8292d1afc1548766b2000b2e67b9fac54bcb0598d410c34f3b0adb5deed122798d8bf8697eda4056'

--

--

Python Developer and Artificial Intelligence Engineer

Love podcasts or audiobooks? Learn on the go with our new app.

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store
Ruslan Korniichuk

Ruslan Korniichuk

Python Developer and Artificial Intelligence Engineer