During the development of Aisland, one of the most important challenge was, how to keep private data on a public blockchain.
What you write on the blockchain is readable from everybody, most probably you do not want that your personal address and home phone become public only because of a purchase on Aisland Store, right?
Well, a proper protocol and an encryption algorithms gave us the perfect solution to reach the target. Luckily our core developer is a an expert in the field of security and encryption algorithms.
We selected AES-256 as encryption algorithm because it's standard de-facto and well tested in multiple scenario.
By the way a good encryption algorithm can be useless if the implemented protocol has flaws.
In brief, AES-256 needs a strong key and a chaining method,the chaining method needs an init vector that should be random and never reused.
So we developed a function to encrypt data with a password/key. Here the code in Javascript/Nodejs for the encryption:
//function to encrypt a message by AES 256 async function encrypt_aes256(data,password){ // pull the required libraries const { scryptSync, randomFillSync, createCipheriv } = await import('crypto'); // generate a random salt const saltbuffer = Buffer.alloc(16); const salt =randomFillSync(saltbuffer).toString('hex'); // expand/derive password using a brute force attack algorithm const keybin = scryptSync(password, salt, 64); const key=keybin.toString('hex').substr(0,32); // generate a randmom init vector const ivbuffer = Buffer.alloc(8); const iv =randomFillSync(ivbuffer).toString('hex'); // encrypt "data" by aes-256-cbc const cipher = createCipheriv('aes-256-cbc', key, iv); let encryptedData = cipher.update(data, "utf-8", "hex"); encryptedData += cipher.final("hex"); // return salt+iv+encrypted data in hex decimal string let r=salt+"#"+iv+"#"+encryptedData; return(r); }
And Here the code in Javascript/Nodejs for the decryption:
// function to decrypt an ecrypted structure by Aes 256 async function decrypt_aes256(encrypteddata,password){ // pull the required libraries const { scryptSync, createDecipheriv } = await import('crypto'); // get fields from the encrypted data const salt=encrypteddata.substr(0,32); const iv=encrypteddata.substr(33,16); const encryptedData=encrypteddata.substr(50); // expand key using the same salt of the origin const keybin = scryptSync(password, salt, 64); const key=keybin.toString('hex').substr(0,32); // decrypt data and convert to utf8 bytes const decipher = createDecipheriv('aes-256-cbc', key, iv); let clearData = decipher.update(encryptedData,"hex","utf-8"); try{ clearData += decipher.final("utf8"); } catch(error){ return(null); } // return decrypted data return(clearData); }