top of page
Search
Writer's pictureCharles Edge

The Encryption Architecture Underneath Secret Chest


Encryption is a process of converting data into a form that is unreadable by unauthorized individuals. This is done by using an encryption algorithm, which is a mathematical function that takes the original data, known as the plaintext, and transforms it into encrypted data, known as the ciphertext. The ciphertext can only be decrypted by using the corresponding decryption key, which is known only to the authorized individuals.


There are many different encryption algorithms available, each with its own strengths and weaknesses. Some of the most common encryption algorithms include:

  • DES (Data Encryption Standard): DES is a symmetric encryption algorithm that was developed in the 1970s. It uses a 56-bit key, which is relatively short by today's standards. DES is no longer considered to be secure, as it has been broken by quantum computers.

  • AES (Advanced Encryption Standard): AES is a symmetric encryption algorithm that was adopted as the US federal standard in 2001. It uses keys of 128, 192, or 256 bits, and is considered to be very secure. AES is widely used in a variety of applications, including data storage, network communications, and digital signatures.

  • RSA (Rivest–Shamir–Adleman): RSA is an asymmetric encryption algorithm that was developed in the 1970s. It uses a public key and a private key, which are mathematically related but not identical. The public key can be shared with anyone, while the private key must be kept secret. RSA is widely used for secure data exchange, such as in digital certificates and secure websites.

  • ECC (Elliptic Curve Cryptography): ECC is an asymmetric encryption algorithm that is based on elliptic curves. It is more efficient than RSA for the same level of security, and it is also more resistant to quantum attacks. ECC is becoming increasingly popular for use in mobile devices and other applications where power consumption is a concern.

The best encryption algorithm for a particular application will depend on a number of factors, including the level of security required, the amount of data to be encrypted, and the computing resources available. For example, if high security is required to process information as it flows between websites, then AES or RSA may be a good choice. If the amount of data to be encrypted is large, then ECC may be a better option because it is more efficient. And if computing resources are limited, then ECC may also be a good choice because it requires less processing power than RSA or AES. However, there aren’t as many libraries for many web programming languages to handle ECC and so it may have more friction to implement.

Secret Chest leverages ECC keys for many of our cryptographic operations. An ECC key is a type of cryptographic key that is used in elliptic curve cryptography (ECC). ECC is a public-key cryptography system that uses elliptic curves to generate and exchange keys. ECC keys are typically smaller than traditional public-key cryptography keys, but they offer the same level of security. ECC keys are generated using a mathematical process called elliptic curve point multiplication. This process takes two inputs: a private key and a public key. The private key is known only to the owner of the key pair, and the public key is shared with others.

To encrypt a message, the sender uses the recipient's public key to generate a shared secret key. This shared secret key is then used to encrypt the message. The recipient can then use their private key to decrypt the message. These private keys might be keys stored in a TPM/Secure Enclave space and public keys based on those could grant access to other objects, like Passkeys or items in the Keychain in macOS or iOS.

ECC keys offer several benefits over traditional public-key cryptography keys, including:

  • Smaller key sizes: ECC keys can be much smaller than traditional public-key cryptography keys, while still offering the same level of security. This makes ECC keys more efficient to use and store.

  • Faster performance: ECC keys can be used to perform cryptographic operations more quickly than traditional public-key cryptography keys. This makes ECC keys more suitable for applications where performance is critical, such as mobile devices and embedded systems.

  • Improved security: ECC keys are believed to be more secure than traditional public-key cryptography keys. This is because ECC keys are based on a more complex mathematical problem, which is more difficult to solve.

Secret Chest uses ECC keys in a variety of applications, including:

  • Secure communication: ECC keys are used to encrypt and decrypt messages in a secure way.

  • Digital signatures: ECC keys are used to create digital signatures, which can be used to verify the authenticity of a message or document.

  • Key exchange: ECC keys can be used to exchange keys in a secure way.

  • Data integrity: ECC keys can be used to verify the integrity of data.

These allow us to process more data, more efficiently. Especially as a shard for a secret can grow quite large with all the cryptographic operations we put it through. Encryption (and using it wisely) is the most important tool for us to protect your data from unauthorized access. There are many different encryption algorithms available, each with its own strengths and weaknesses. We welcome any opportunity to banter endlessly about the merits of various architectual options we’ve implemented. It only makes us better when someone notices a flaw in our designs!

3 views0 comments

Recent Posts

See All

Comments


bottom of page