Note: This feature is currently Work In Progress and deployed on our QA-Server.
Ensuring the security and integrity of our server is of paramount importance. To achieve this, we have implemented robust measures such as Argon2 for key derivation and AES-GCM encryption.
To safeguard sensitive information, our server relies on Argon2, a memory-hard password-hashing and key-derivation function. Argon2 serves a dual purpose in our system: key derivation and encryption key generation. It allows us to derive secure cryptographic keys from user passwords and other secret values. By utilizing Argon2, we not only strengthen the security of our authentication process but also enhance the overall encryption scheme.
Data within our server is encrypted using AES-GCM encryption, a cutting-edge authenticated encryption mode. AES-GCM combines the power of symmetric-key cryptography with an authentication tag, ensuring both confidentiality and authenticity of the transmitted data. However, the strength of any encryption system heavily relies on the keys used. Thanks to Argon2, we derive robust and unique encryption keys, fortified against potential attacks and ensuring the utmost protection for our data.
By employing Argon2 for key derivation and utilizing the derived keys for AES-GCM encryption, our server establishes a robust security foundation, safeguarding sensitive data and ensuring secure communication between servers.
To establish seamless communication between two servers, the following steps outline the process:
• Socket Connection: Establish a socket connection between the servers for data transmission.
• Authentication: The sending server authenticates itself by sending a request with an Argon2 hash in the authentication header. The receiving server verifies the Argon2 hash to ensure successful authentication.
• Data Transmission: After successful authentication, the sending server can securely transmit encrypted data to the receiving server. The data is encrypted using AES-GCM encryption with encryption keys derived from Argon2.
• Data Reception: The receiving server decrypts the data using the derived encryption keys, ensuring the integrity and confidentiality of the information.
• Connection Management: The connection can be closed at any time, but it is recommended to maintain the connection for as long as possible to facilitate uninterrupted communication.
• Reconnection and Reauthentication: If the connection is closed, it can be reopened at any time. In such cases, the authentication process must be repeated using Argon2 to ensure secure communication. Reauthentication also becomes necessary if the password of the server has been changed.
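The authentication, transmission and reception steps above, as an added Python example (not this server's code). It assumes the argon2-cffi and cryptography packages, Argon2id cost values, a fresh random salt per connection and a counter nonce, none of which the page specifies; `derive`, `verify_token` and `Channel` are hypothetical names.

```python
import hmac
import os
import struct
from argon2.low_level import Type, hash_secret_raw  # argon2-cffi package
from cryptography.exceptions import InvalidTag
from cryptography.hazmat.primitives.ciphers.aead import AESGCM

T_COST, M_COST_KIB, LANES = 2, 19 * 1024, 1  # assumed costs, not from the page

def derive(password, salt):
    """Split one Argon2id output into (auth token, AES-256 key): disjoint bytes."""
    out = hash_secret_raw(password, salt, T_COST, M_COST_KIB, LANES,
                          hash_len=64, type=Type.ID)
    return out[:32], out[32:]

def verify_token(password, salt, presented):
    """Receiver: recompute the header token and compare in constant time."""
    return hmac.compare_digest(derive(password, salt)[0], presented)

class Channel:
    """One direction of AES-GCM framing: frame = 12-byte nonce || ciphertext+tag."""
    def __init__(self, key):
        self._aes, self._ctr = AESGCM(key), 0

    def seal(self, plaintext, aad=b""):
        nonce = struct.pack(">4xQ", self._ctr)  # counter nonce, never reused per key
        self._ctr += 1
        return nonce + self._aes.encrypt(nonce, plaintext, aad)

    def open(self, frame, aad=b""):
        """Return the plaintext, or None for a forged or replayed frame."""
        if frame[:12] != struct.pack(">4xQ", self._ctr):
            return None
        try:
            plaintext = self._aes.decrypt(frame[:12], frame[12:], aad)
        except InvalidTag:
            return None
        self._ctr += 1
        return plaintext

def demo():
    password = b"constructed-shared-secret"  # constructed sample value
    salt = os.urandom(16)  # fresh per connection, so a reconnect gets a new key
    token, key = derive(password, salt)
    tx, rx = Channel(key), Channel(key)
    frame = tx.seal(b"payload", b"hdr")  # constructed payload and associated data
    return {"auth_ok": verify_token(password, salt, token),
            "forged": rx.open(frame[:-1] + bytes([frame[-1] ^ 1]), b"hdr"),
            "delivered": rx.open(frame, b"hdr"),
            "replayed": rx.open(frame, b"hdr")}
```

Because the counter restarts at zero on every connection, the fresh salt is what keeps a reconnect from reusing a nonce under the same key; traffic in the opposite direction needs its own key or nonce prefix.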