
Data and Communication Encryption Methods

1.1 Overview

Secure data handling and communication are essential for protecting user information and maintaining the integrity of decentralized operations. This documentation provides a guide to encryption methods used for securing data between components, including encryption of data-at-rest and data-in-transit.


1.2 Core Encryption Strategies

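Data-at-rest encryption protects stored data in databases or file systems using AES encryption to prevent unauthorized access. Data-in-transit encryption protects communication between components using TLS.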


1.3 Data-at-Rest Encryption: AES Encryption

1.3.1 AES Key Generation

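from cryptography.fernet import Fernet

# Generate an encryption key (32 random bytes, URL-safe base64-encoded).
# Fernet uses AES-128 in CBC mode and authenticates each token with HMAC-SHA256.
encryption_key = Fernet.generate_key()

# Printed here for demonstration only; keep the key in a secrets manager or KMS, not in logs.
print("AES Encryption Key:", encryption_key)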

1.3.2 AES Encryption

from cryptography.fernet import Fernet

# Initialize Fernet with the generated encryption key
cipher = Fernet(encryption_key)

# Data to encrypt
data = "User data or sensitive information"
encrypted_data = cipher.encrypt(data.encode())
print("Encrypted Data:", encrypted_data)

1.3.3 AES Decryption

# Decrypt the data
decrypted_data = cipher.decrypt(encrypted_data).decode()
print("Decrypted Data:", decrypted_data)
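
The steps in 1.3.1 to 1.3.3 cover a single key and an unmodified token. The following added example (not part of the original documentation) extends them to two cases a stored-data deployment has to handle: rejecting a token that was modified or encrypted under another key, and re-encrypting stored tokens under a new key. It uses `MultiFernet` and `InvalidToken` from the same `cryptography` package; the function names and the bit-flip used to simulate corruption are assumptions made for this illustration.

```python
import base64
from typing import List, Optional

from cryptography.fernet import Fernet, InvalidToken, MultiFernet


def encrypt_record(key: bytes, plaintext: str) -> bytes:
    """Encrypt one record. The token embeds a timestamp, IV and HMAC-SHA256 tag."""
    return Fernet(key).encrypt(plaintext.encode("utf-8"))


def decrypt_record(keys: List[bytes], token: bytes) -> Optional[str]:
    """Try every key in order. Return None if the token does not authenticate
    under any of them (modified ciphertext, or a key this keyring lacks)."""
    try:
        return MultiFernet([Fernet(k) for k in keys]).decrypt(token).decode("utf-8")
    except InvalidToken:
        return None


def rotate_record(new_key: bytes, old_keys: List[bytes], token: bytes) -> bytes:
    """Re-encrypt a stored token under new_key; old_keys are only used to decrypt."""
    keyring = MultiFernet([Fernet(new_key)] + [Fernet(k) for k in old_keys])
    return keyring.rotate(token)


def tamper(token: bytes) -> bytes:
    """Constructed corruption: flip one bit inside the ciphertext of a token."""
    raw = bytearray(base64.urlsafe_b64decode(token))
    raw[30] ^= 0x01  # byte 30 lies past the 25-byte header (version, timestamp, IV)
    return base64.urlsafe_b64encode(bytes(raw))


def demo() -> dict:
    old_key, new_key = Fernet.generate_key(), Fernet.generate_key()
    record = "User data or sensitive information"  # sample value from section 1.3.2
    token = encrypt_record(old_key, record)
    rotated = rotate_record(new_key, [old_key], token)
    return {
        "round_trip": decrypt_record([old_key], token) == record,
        "tampered_rejected": decrypt_record([old_key], tamper(token)) is None,
        "wrong_key_rejected": decrypt_record([new_key], token) is None,
        "rotated_reads_with_new_key": decrypt_record([new_key], rotated) == record,
        "old_key_retired": decrypt_record([old_key], rotated) is None,
    }


if __name__ == "__main__":
    print(demo())
```

Once every stored token has been rotated, the old key can be removed from the keyring; until then it must stay available for decryption.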

1.4 Data-in-Transit Encryption: TLS Implementation

1.4.1 Configuring TLS in API Communication

  1. Generate SSL Certificates: Use openssl to generate SSL certificates for both client and server authentication.

# Generate a private key
openssl genpkey -algorithm RSA -out private.key

# Create a self-signed certificate
openssl req -new -x509 -key private.key -out certificate.crt -days 365

  2. Enable HTTPS on the Server: For example, with an Express.js server, enable HTTPS using the generated SSL certificate and private key.

const https = require("https");
const fs = require("fs");
const express = require("express");

const app = express();

// Load SSL certificate and private key
const options = {
    key: fs.readFileSync("path/to/private.key"),
    cert: fs.readFileSync("path/to/certificate.crt")
};

// Start HTTPS server
https.createServer(options, app).listen(3000, () => {
    console.log("HTTPS server running on port 3000");
});

  3. Client-Side HTTPS Request: Ensure clients make requests over HTTPS by configuring them to trust the server certificate. Here's an example using axios in Node.js:

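const axios = require("axios");
const https = require("https");
const fs = require("fs");

// Trust the self-signed server certificate explicitly instead of disabling
// verification (rejectUnauthorized: false would accept any certificate).
// The certificate's CN or subjectAltName must match the hostname in the URL.
const agent = new https.Agent({
    ca: fs.readFileSync("path/to/certificate.crt")
});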

axios.get("https://localhost:3000/api/data", { httpsAgent: agent })
    .then(response => console.log("Data:", response.data))
    .catch(error => console.error("Error:", error));
