For Devs … “Go” Seal and Open The Box
We live in the 21st Century, but still, we cannot trust any emails that we receive for either the validity of the sender or that the email message has not been changed or even if it has been read by someone else.
For some reason, though, many developers struggle with the concepts involved with encryption, and often implement poor standards, or have no encryption at all. This has led to an untrusted world of data, and where we can trust little within our data infrastructure. Why can’t we sign data with our private key, and then send it a remote system with the public key of the entity? That’s the way it should be done, but we still blindly send and receive data without any form of checking, and just assume our tunnels will protect us.
In a GDPR-driven world, this must change. So, is there something that developers can quickly integrate, but properly encrypt and authenticate data? Well, the Box package in Go is one of the best methods around for wrapping up salt, fast encryption (with XSalsa20 — a much faster encryption method than AES), authentication (using Curve 25519, and MAC (Poly1305).
So let’s use Go, to implement a simple encryption process:
