Cryptographic primitives

Cryptographic primitives are the basic building blocks of cryptography, consisting of methods used to achieve specific security goals like confidentiality, integrity, and authentication.

Symmetric encryption

A cryptographic method where the same key is used for both encryption and decryption. It is efficient and suitable for encrypting large amounts of data but requires secure key sharing between parties. 

Role in Tusky: Used with Data Encryption Keys (DEKs), keys that encrypt actual data exchanged within Tusky.

Algorithm used: AES with Galois/Counter Mode (AES-GCM)

Asymmetric encryption

A cryptographic method that uses a pair of keys - a public key for encryption and a private key for decryption. It enables secure communication without pre-shared keys.

Role in Tusky: Used with Vault and User Key Pairs, the key pairs that manage data access control. The Vault Key Pair encrypts and decrypts DEKs, and the User Key Pair encrypts and decrypts Vault Private Keys.

Algorithm used: X25519 - an elliptic curve Diffie-Hellman key exchange using Curve25519

Key derivation function

A function used to derive a strong and cryptographically secure key from a less secure source, such as a password.

Role in Tusky: Used with the Password Key, a key derived from the user's password that encrypts the User Private Key.

Algorithm used: PBKDF2 with HMAC-SHA-256
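
The three sections above describe one chain of keys, and the sketch below walks it end to end with Node's built-in crypto module. It is an added example, not Tusky's code. Assumptions: the function names, the blob layout, the salt size, the PBKDF2 iteration count, and the use of an ephemeral X25519 exchange with HKDF-SHA-256 and AES-GCM to turn key agreement into public-key wrapping.

```javascript
const crypto = require('node:crypto');
const ITER = 600000; // PBKDF2 iteration count: assumed, not stated on the page
// AES-256-GCM, fresh 96-bit nonce; blob layout nonce || tag || ciphertext is an assumption.
function aesGcmEncrypt(key, plaintext) {
  const iv = crypto.randomBytes(12);
  const c = crypto.createCipheriv('aes-256-gcm', key, iv);
  const ct = Buffer.concat([c.update(plaintext), c.final()]);
  return Buffer.concat([iv, c.getAuthTag(), ct]);
}
function aesGcmDecrypt(key, blob) {
  const d = crypto.createDecipheriv('aes-256-gcm', key, blob.subarray(0, 12));
  d.setAuthTag(blob.subarray(12, 28));
  return Buffer.concat([d.update(blob.subarray(28)), d.final()]); // throws on wrong key or tampering
}
// X25519 only agrees on a secret, so wrapping = ephemeral ECDH -> HKDF-SHA-256 -> AES-GCM (assumed).
function wrapKey(privateKey, publicKey, ephDer) {
  const shared = crypto.diffieHellman({ privateKey, publicKey });
  return Buffer.from(crypto.hkdfSync('sha256', shared, ephDer, 'example-wrap', 32));
}
function sealTo(recipientPub, plaintext) {
  const eph = crypto.generateKeyPairSync('x25519');
  const ephDer = eph.publicKey.export({ type: 'spki', format: 'der' });
  return { ephDer, blob: aesGcmEncrypt(wrapKey(eph.privateKey, recipientPub, ephDer), plaintext) };
}
function openWith(recipientPriv, sealed) {
  const ephPub = crypto.createPublicKey({ key: sealed.ephDer, type: 'spki', format: 'der' });
  return aesGcmDecrypt(wrapKey(recipientPriv, ephPub, sealed.ephDer), sealed.blob);
}
const toDer = (k) => k.export({ type: 'pkcs8', format: 'der' });
const fromDer = (key) => crypto.createPrivateKey({ key, type: 'pkcs8', format: 'der' });
// password -> Password Key -> User Private Key -> Vault Private Key -> DEK -> data
function buildVault(password, data) {
  const salt = crypto.randomBytes(16);
  const passwordKey = crypto.pbkdf2Sync(password, salt, ITER, 32, 'sha256');
  const user = crypto.generateKeyPairSync('x25519');
  const vault = crypto.generateKeyPairSync('x25519');
  const dek = crypto.randomBytes(32);
  return { salt,
    userPrivEnc: aesGcmEncrypt(passwordKey, toDer(user.privateKey)),
    vaultPrivEnc: sealTo(user.publicKey, toDer(vault.privateKey)),
    dekEnc: sealTo(vault.publicKey, dek),
    dataEnc: aesGcmEncrypt(dek, Buffer.from(data)) };
}
function openVault(password, v) {
  const passwordKey = crypto.pbkdf2Sync(password, v.salt, ITER, 32, 'sha256');
  const userPriv = fromDer(aesGcmDecrypt(passwordKey, v.userPrivEnc));
  const vaultPriv = fromDer(openWith(userPriv, v.vaultPrivEnc));
  return aesGcmDecrypt(openWith(vaultPriv, v.dekEnc), v.dataEnc).toString();
}
```

Because every layer is authenticated by GCM, a wrong password fails at the first unwrap and a modified ciphertext fails at the last, rather than yielding garbage plaintext.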