[Eden Diary_TD] Message Encryption/Decryption for Internal Communication by James Ahn

February 15, 2019

To serve business applications, EdenChain has many internal components such as an identity server, a transaction server, transaction processors and so on.

The existing architecture demands close internal communication among these components. Since EdenChain is a permissioned blockchain platform, its architecture and network topology keep the internal network secured, and the possibility of accessing it is relatively low. However, we cannot rule out hacking. This underscores the importance of having a safe internal communication mechanism.

The internal communication mechanism must offer 1) safe communication and 2) low computation power. There is a trade-off: if we want stronger safety, we need more computation power.

We must, therefore, choose a solution that balances this trade-off between safety and computation power. A few experiments led us to the conclusion that the “Diffie-Hellman key exchange” seems to be a sound choice for our objective. The Diffie-Hellman key exchange is used in many internet services according to WIKI. It is safe while using low computation power and, furthermore, it has solid references.

DHKE (Diffie-Hellman key exchange)

The basic concept of DHKE is that a shared secret will be used for encryption and decryption, so only members with the shared secret can communicate with one another. The beauty of DHKE is that it does not require prior information except for the shared secret. DHKE is easy and clear to understand, making implementation simple.

To understand the actual process of DHKE, consider the following.

  1. Alice and Bob publicly agree to use a modulus p = 23 and base g = 5 (which is a primitive root modulo 23).

  2. Alice chooses a secret integer a = 4, then sends Bob A = g^a mod p

            A = 5^4 mod 23 = 4

  3. Bob chooses a secret integer b = 3, then sends Alice B = g^b mod p

            B = 5^3 mod 23 = 10

  4. Alice computes s = B^a mod p

            s = 10^4 mod 23 = 18

  5. Bob computes s = A^b mod p

            s = 4^3 mod 23 = 18

  6. Alice and Bob now share a secret (the number 18).

  Source – WIKI
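The walk-through above as runnable Python. This is an added example, not EdenChain's DHKE module: the names DHParty, valid_public and walkthrough are hypothetical, and the SHA-256 key derivation is an assumption. It goes beyond the six steps by rejecting degenerate public values and by hashing the shared secret into a key instead of using it raw.

```python
import hashlib
import secrets

# Toy public parameters from the walk-through above. A real deployment
# needs a standardized group of 2048 bits or more; 23 is for illustration only.
P, G = 23, 5


def valid_public(y, p=P):
    """Accept only 2 <= y <= p-2; 0, 1 and p-1 force a predictable secret."""
    return isinstance(y, int) and 2 <= y <= p - 2


class DHParty:
    def __init__(self, private=None, p=P, g=G):
        self.p, self.g = p, g
        while True:
            # Private exponent in [2, p-2]; fixed only to replay the walk-through.
            a = private if private is not None else 2 + secrets.randbelow(p - 3)
            self.public = pow(g, a, p)
            if valid_public(self.public, p):
                break
            if private is not None:
                raise ValueError("private exponent yields a degenerate public value")
        self._private = a

    def shared_secret(self, peer_public):
        if not valid_public(peer_public, self.p):
            raise ValueError("rejected degenerate or out-of-range public value")
        return pow(peer_public, self._private, self.p)

    def session_key(self, peer_public, context=b"example-session"):
        # Hash the secret with a context label instead of using it raw
        # (assumption: SHA-256; the page does not say how EdenChain derives keys).
        size = (self.p.bit_length() + 7) // 8
        raw = self.shared_secret(peer_public).to_bytes(size, "big")
        return hashlib.sha256(context + raw).digest()


def walkthrough():
    """Replay steps 1-6 with a = 4 and b = 3; returns (A, B, s_alice, s_bob)."""
    alice, bob = DHParty(private=4), DHParty(private=3)
    return (alice.public, bob.public,
            alice.shared_secret(bob.public), bob.shared_secret(alice.public))


if __name__ == "__main__":
    print(walkthrough())  # (4, 10, 18, 18)
```

The range check does not tell a party who sent a public value; the exchange as described carries no authentication of the peer.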

DHKE Module in EdenChain

We created a DHKE module and are using it for internal communication in the EdenChain platform.

Most of the internal communication in the EdenChain platform is based on the DHKE module.

Below is sample code showing how EdenChain uses the DHKE module for message encryption/decryption:

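    # EAuthKey is the class from EdenChain's DHKE module
    alice = EAuthKey()
    bob = EAuthKey()

    alice.get_salt()
    bob.get_salt()

    # Each side computes its DH value to send to the other
    dh_alice = alice.calc_dh_value()
    dh_bob = bob.calc_dh_value()

    # Each side derives the shared secret from the peer's DH value
    alice.calc_shared_secret(dh_bob)
    bob.calc_shared_secret(dh_alice)

    a_encrypted = alice.to_ascii(alice.salt)

    # Alice encodes a message; Bob decodes it
    a_enc = alice.encode("hello")
    a_dec = bob.decode(a_enc)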

Although DHKE is used as the basis for secure internal communication in EdenChain, certain sensitive messages such as identity information and coin-related transactions invoke additional methods for protection and security.