How end to end encryption works in Vahana?

Hi,

Vahana takes care of a lot of NFR’s for us. One of those NFR is end to end encryption.

How encryption works in API communication?

How data stored at mobile and web level is encrypted?

Is masking available in vLogs?

Also, Is the DB itself is encrypting?

@Vikas_Dhillon

1 Like

How Encryption works:

==============Request Payload Encryption Client Side=================

  1. Create Payload
  2. generate a random nu of 16 digit. random_number
  3. Encrypt Payload using random_number. [Algo= AES 256]
  4. Encrypt random_number with RSA Public Key.
  5. Output of #4 is sent in Header as txnKey.
    ==============Request Payload Decryption Server Side=================
  6. Decrypt txnKey field using RSA Private Key.
  7. It will give random_number in output.
  8. Decrypt Payload using random_number. [Algo= AES 256]
  9. Process the Payload.
  10. Encrypt response using random_number. [Algo= AES 256]
  11. Send back to client.
    ==============Response Handling at Client Side=================
  12. Encrypted payload is recived.
  13. Decrypt payload using random_number. [Algo= AES 256]
  14. Process the plain Payload.

How data stored at mobile and web level is encrypted?

No major data is stored at Web End. Regarding Mobile, data is stored in sqllite for offline mode and data is encrypted using SQLCipher.


Is masking available in vLogs?

Yes.while configuring a Service Masking can be enabled using field “Keys To Mask”.


Also, Is the DB itself is encrypting?

Disk level encryption.

4 Likes