# Encryption Basics

To proceed with a better understanding of HexaEight Authentication, it is crucial to comprehend the fundamentals of HexaEight Encryption. The reliability of strong Encryption is imperative for HexaEight Authentication.

These following three components are used while performing the encryption or decryption process.

User/Resource Name
User/Resource Password
Asymmetric Shared Key of Destination

For the encryption of data to take place, it must first be converted to an acceptable format called HEByte Format.
HexaEight Libraries provide the necessary function to convert any raw data format to HEByte Format and vice versa.
After the data is converted to HEByte Format, encryption and decryption processes can be applied to it.

Encryption Process

%%{init: { 'theme': 'forest' } }%%
erDiagram
    OriginalData ||--|| HEByteFormat : Converted-Into
    HEByteFormat ||--|| Encrypted-Data : Compute-Key-And-Apply-Encryption
        HEByteFormat {
        Convert-UserName-To BigInteger
	Convert-Password-To BigInteger
	Convert-Asymmetric-Shared-Keys-To BigInteger
	Encryption Requires-UserName-Password-And-Asymmetric-Shared-Keys
	}

Decryption Process

%%{init: { 'theme': 'forest' } }%%
erDiagram
    Encrypted-Data ||--|| HEByteFormat : Compute-Key-And-Apply-Decryption
        Encrypted-Data {
        Convert-UserName-To BigInteger
	Convert-Password-To BigInteger
	Convert-Asymmetric-Shared-Keys-To BigInteger
	Decryption Requires-UserName-Password-And-Asymmetric-Shared-Keys
	}
    HEByteFormat ||--|| OriginalData : Converted-Into

Security Aspects

The Login Token that is obtained from HexaEight Platform is never used in the encryption or decryption process. If the logintoken is compromised, it poses no security threat.
Similarly Asymmetric Shared Keys obtained from HexaEight Platform can only be used in combination with the User/Resource Password during the encryption and decryption process. If the Asymmetric Shared Key obtained from HexaEight Platform is compromised, it still poses no security threat.
However it is very important to ensure the password is well protected after generation of a Login Token. It is also important to know that the password is never transmitted to other parties for authentication purposes.
If the password is compromised, then its important to ban the LoginToken to prevent further asymmetric shared keys from being generated for the Login Token by HexaEight Platform.

Data Privacy

To ensure data privacy, it's important to note that data that needs to be encrypted or decrypted is never transmitted to HexaEight Platform. This process is performed locally on the client machine or system using HexaEight libraries, ensuring that the data is secure and protected from unauthorized access or interception

Summary

HexaEight relies on three components to perform the encryption and decryption process

User/Resource Name
User/Resource Password
Asymmetric Shared Keys

After the generation of the Login Token, it is important to keep the User/Resource Password secure and not share it with anyone to prevent unauthorized access to the account.