
Authenticated Encryption with Box and JavaScript


We, as a cybersecurity industry, have possibly let down citizens. Why? Well, we still send unauthenticated messages to each other, typically in the form of emails. This opens up a whole range of problems and accounts for a large percentage of the cybersecurity threats we create. These emails are also not encrypted, and can thus be viewed and changed by others. An improved method uses authenticated encryption, where we use the public key of the sender and the public key of the recipient to create an encryption key.

We can use Box encryption to send authenticated encrypted messages. In this case, we perform an Elliptic Curve Diffie-Hellman (ECDH) key exchange, where Bob and Alice each generate a public key and a private key, and then exchange their public keys. This exchange generates the symmetric key that they use to encrypt and decrypt the message. The key exchange uses X25519: Alice generates a random scalar value (a) for her private key, and then creates a public key point of a⋅G, where G is the base point on the curve. Bob generates a random scalar value (b) for his private key, and then creates a public key point of b⋅G. They exchange their public key values, and each can then compute the shared secret of a⋅b⋅G. This shared secret is then used to derive the symmetric key used for the encryption.
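The exchange described above, as an added example that is not the article's own code. It assumes Node.js and uses only the built-in `crypto` module, so it substitutes HKDF-SHA256 and ChaCha20-Poly1305 for the XSalsa20-Poly1305 construction that NaCl's Box uses; the function names, the `box-demo` label and the message are constructed for illustration.

```javascript
// Added example: X25519 key agreement followed by authenticated encryption.
// Assumption: HKDF-SHA256 + ChaCha20-Poly1305 stand in for NaCl Box's cipher.
const { generateKeyPairSync, diffieHellman, hkdfSync,
        createCipheriv, createDecipheriv, randomBytes } = require('node:crypto');

// Combine my private scalar with the peer's public point to get a⋅b⋅G,
// then derive a 32-byte symmetric key from that shared secret.
function sharedKey(myPrivate, theirPublic) {
  const secret = diffieHellman({ privateKey: myPrivate, publicKey: theirPublic });
  // 'box-demo' is a constructed context label, not part of any standard.
  return Buffer.from(hkdfSync('sha256', secret, Buffer.alloc(0), 'box-demo', 32));
}

// Sender side: encrypt and authenticate. Output layout: nonce | tag | ciphertext.
function boxSeal(message, senderPrivate, recipientPublic) {
  const key = sharedKey(senderPrivate, recipientPublic);
  const nonce = randomBytes(12); // must never repeat under the same key
  const cipher = createCipheriv('chacha20-poly1305', key, nonce, { authTagLength: 16 });
  const body = Buffer.concat([cipher.update(message, 'utf8'), cipher.final()]);
  return Buffer.concat([nonce, cipher.getAuthTag(), body]);
}

// Recipient side: returns the plaintext, or null when authentication fails
// (modified ciphertext, or a sender key other than the one claimed).
function boxOpen(sealed, recipientPrivate, senderPublic) {
  const key = sharedKey(recipientPrivate, senderPublic);
  const nonce = sealed.subarray(0, 12);
  const tag = sealed.subarray(12, 28);
  const body = sealed.subarray(28);
  const decipher = createDecipheriv('chacha20-poly1305', key, nonce, { authTagLength: 16 });
  decipher.setAuthTag(tag);
  try {
    return Buffer.concat([decipher.update(body), decipher.final()]).toString('utf8');
  } catch {
    return null; // Poly1305 tag did not verify
  }
}

// Constructed demo parties: each generates a key pair and publishes the public half.
const alice = generateKeyPairSync('x25519');
const bob = generateKeyPairSync('x25519');
const mallory = generateKeyPairSync('x25519'); // a third party, not the sender

const sealed = boxSeal('Hello Bob', alice.privateKey, bob.publicKey);
console.log(boxOpen(sealed, bob.privateKey, alice.publicKey));
console.log(boxOpen(sealed, bob.privateKey, mallory.publicKey));
```

Because the key depends on both parties' key pairs, a successful `boxOpen` tells Bob that the message came from the holder of Alice's private key and was not altered in transit.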
