sanity edited this page Mar 14, 2011 · 6 revisions

A core philosophy with Tahrir is that, since our high-level goals are ambitious, our low-level libraries must be as easy to use as possible.

Therefore, rather than complicating the low-level crypto libraries by retaining the ability to plug in different algorithms (as Java's crypto API does), our goal is to commit to a suite of suitable crypto primitives at the outset. This means we have one digital signature algorithm, one asymmetric encryption algorithm, and one symmetric encryption algorithm, which we use pervasively.

The algorithms we've selected are as follows:

  • 2048-bit RSA for asymmetric encryption and digital signatures
  • 256-bit AES for symmetric encryption
  • SHA-256 for hashing

Having decided on these primitives, the goal now is to make them as simple to use as possible. We take advantage of Tahrir's serialization code to keep signing, encrypting, and so on equally simple. This means that an RSA-encrypted message can just be a field in a POJO.

See here for some usage examples.
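
An added example, not Tahrir's own code, of a fixed-suite encryption helper built on the JCA with no algorithm parameters exposed to callers. The names `FixedSuite` and `Sealed`, the OAEP padding and the GCM mode are assumptions (the page names only RSA-2048, AES-256 and SHA-256), and the `record` syntax assumes Java 16 or later.

```java
import java.nio.charset.StandardCharsets;
import java.security.*;
import javax.crypto.*;
import javax.crypto.spec.GCMParameterSpec;

// Hypothetical helper, not Tahrir's API. RSA-2048, AES-256 and SHA-256 come
// from the page; OAEP padding and GCM mode are assumptions made for this example.
public final class FixedSuite {
    private static final String WRAP = "RSA/ECB/OAEPWithSHA-256AndMGF1Padding";
    private static final String AEAD = "AES/GCM/NoPadding";

    // Plain value object: can sit as an ordinary field inside a larger message.
    public record Sealed(byte[] wrappedKey, byte[] iv, byte[] ciphertext) {}

    // Hybrid encryption: RSA-2048 cannot encrypt long messages directly, so a
    // fresh AES-256 key encrypts the data and RSA wraps only that key.
    public static Sealed encrypt(PublicKey to, byte[] plain) throws GeneralSecurityException {
        KeyGenerator kg = KeyGenerator.getInstance("AES");
        kg.init(256);
        SecretKey aes = kg.generateKey();
        byte[] iv = new byte[12];                 // 96-bit GCM nonce, unique per key
        new SecureRandom().nextBytes(iv);
        Cipher c = Cipher.getInstance(AEAD);
        c.init(Cipher.ENCRYPT_MODE, aes, new GCMParameterSpec(128, iv));
        Cipher w = Cipher.getInstance(WRAP);
        w.init(Cipher.WRAP_MODE, to);
        return new Sealed(w.wrap(aes), iv, c.doFinal(plain));
    }

    public static byte[] decrypt(PrivateKey mine, Sealed s) throws GeneralSecurityException {
        Cipher w = Cipher.getInstance(WRAP);
        w.init(Cipher.UNWRAP_MODE, mine);
        Key aes = w.unwrap(s.wrappedKey(), "AES", Cipher.SECRET_KEY);
        Cipher c = Cipher.getInstance(AEAD);
        c.init(Cipher.DECRYPT_MODE, aes, new GCMParameterSpec(128, s.iv()));
        return c.doFinal(s.ciphertext());         // AEADBadTagException if modified
    }

    public static void main(String[] args) throws GeneralSecurityException {
        KeyPairGenerator g = KeyPairGenerator.getInstance("RSA");
        g.initialize(2048);
        KeyPair kp = g.generateKeyPair();
        byte[] msg = "constructed sample message".getBytes(StandardCharsets.UTF_8);
        Sealed s = encrypt(kp.getPublic(), msg);
        System.out.println(new String(decrypt(kp.getPrivate(), s), StandardCharsets.UTF_8));
    }
}
```

Signing is left out of this block; with the same fixed-suite approach it would be a pair of `sign`/`verify` methods hard-wired to a single RSA signature scheme over SHA-256.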
