Encryption Basics

Understanding HexaEight Authentication requires first understanding the fundamentals of HexaEight Encryption, because HexaEight Authentication depends on reliable, strong encryption.

The following three components are used when performing the encryption or decryption process:

  1. User/Resource Name
  2. User/Resource Password
  3. Asymmetric Shared Key of Destination

  • For the encryption of data to take place, it must first be converted to an acceptable format called HEByte Format.

  • HexaEight Libraries provide the necessary function to convert any raw data format to HEByte Format and vice versa.
  • After the data is converted to HEByte Format, encryption and decryption processes can be applied to it.

Process

Encryption Process

%%{init: { 'theme': 'forest' } }%%
erDiagram
    OriginalData ||--|| HEByteFormat : Converted-Into
    HEByteFormat ||--|| Encrypted-Data : Compute-Key-And-Apply-Encryption
    HEByteFormat {
        Convert-UserName-To BigInteger
        Convert-Password-To BigInteger
        Convert-Asymmetric-Shared-Keys-To BigInteger
        Encryption Requires-UserName-Password-And-Asymmetric-Shared-Keys
    }

Decryption Process

%%{init: { 'theme': 'forest' } }%%
erDiagram
    Encrypted-Data ||--|| HEByteFormat : Compute-Key-And-Apply-Decryption
    Encrypted-Data {
        Convert-UserName-To BigInteger
        Convert-Password-To BigInteger
        Convert-Asymmetric-Shared-Keys-To BigInteger
        Decryption Requires-UserName-Password-And-Asymmetric-Shared-Keys
    }
    HEByteFormat ||--|| OriginalData : Converted-Into

===

Security Aspects

  • The Login Token obtained from the HexaEight Platform is never used in the encryption or decryption process. If the Login Token is compromised, it poses no security threat.

  • Similarly, Asymmetric Shared Keys obtained from the HexaEight Platform can only be used in combination with the User/Resource Password during the encryption and decryption process. If an Asymmetric Shared Key obtained from the HexaEight Platform is compromised, it still poses no security threat.

  • However, it is very important to ensure the password is well protected after a Login Token has been generated. It is also important to know that the password is never transmitted to other parties for authentication purposes.

  • If the password is compromised, it is important to ban the Login Token to prevent the HexaEight Platform from generating further Asymmetric Shared Keys for that Login Token.

Data Privacy

To ensure data privacy, the data to be encrypted or decrypted is never transmitted to the HexaEight Platform. Encryption and decryption are performed locally on the client machine or system using HexaEight libraries, ensuring that the data is secure and protected from unauthorized access or interception.

Summary

HexaEight relies on three components to perform the encryption and decryption process:

  • User/Resource Name
  • User/Resource Password
  • Asymmetric Shared Keys

After the generation of the Login Token, it is important to keep the User/Resource Password secure and not share it with anyone to prevent unauthorized access to the account.