Part 4: Safeguarding Security and Data Integrity

<< Back To Overview
Note: This feature is currently Work In Progress and deployed on our QA-Server.

Fortifying the Server: Secure and Swift

Ensuring the security and integrity of our server is of paramount importance. To achieve this, we have implemented robust measures such as Argon2 for key derivation and AES-GCM encryption.

Argon2: A Swift and Versatile Sentry

To safeguard sensitive information, our server relies on Argon2, an advanced encryption algorithm. Argon2 serves a dual purpose in our system: key derivation and encryption key generation. It allows us to derive secure cryptographic keys from user passwords and other secret values. By utilizing Argon2, we not only strengthen the security of our authentication process but also enhance the overall encryption scheme.

AES-GCM Encryption: Shielding Data with Excellence

Data within our server is encrypted using AES-GCM encryption, a cutting-edge authenticated encryption mode. AES-GCM combines the power of symmetric-key cryptography with an authentication tag, ensuring both confidentiality and authenticity of the transmitted data. However, the strength of any encryption system heavily relies on the keys used. Thanks to Argon2, we derive robust and unique encryption keys, fortified against potential attacks and ensuring the utmost protection for our data.

Secure Communication Between Servers

By employing Argon2 for key derivation and utilizing the derived keys for AES-GCM encryption, our server establishes a robust security foundation, safeguarding sensitive data and ensuring secure communication between servers. To establish seamless communication between two servers, the following steps outline the process:
• Socket Connection: Establish a socket connection between the servers for data transmission.
• Authentication: The sending server authenticates itself by sending a request with an Argon2 hash in the authentication header. The receiving server verifies the Argon2 hash to ensure successful authentication.
• Data Transmission: After successful authentication, the sending server can securely transmit encrypted data to the receiving server. The data is encrypted using AES-GCM encryption with encryption keys derived from Argon2.
• Data Reception: The receiving server decrypts the data using the derived encryption keys, ensuring the integrity and confidentiality of the information.
• Connection Management: The connection can be closed at any time, but it is recommended to maintain the connection for as long as possible to facilitate uninterrupted communication.
• Reconnection and Reauthentication: If the connection is closed, it can be reopened at any time. In such cases, the authentication process must be repeated using Argon2 to ensure secure communication. Reauthentication also becomes necessary if the password of the server has been changed.

>> Part 5: Monitoring and Ensuring Stability