Encrypt Sensitive Content

1. The label input by the user will become part of the key derivation; 2. The label will be processed by a preliminary ratchet algorithm; 3. The sensitive content will be encrypted twice;

Get Key

Handling of Article 1 Sensitive Content

a. Obtain the vault-name password and label value entered by the user;
b. Perform SHA256, SHA512 and KECCAK256 operations on the vault-name password and 
   label respectively,named S1, S2, S3;
e. Taking S1 S2 S3 as the initial conditions, obtain a 32-byte salt value, denoted as
   Salt;
f. Taking S1+S2+S3 and Salt as the initial values, perform scrypt slow Hash processing; the obtained result is recorded as Res;
g. Find the SHA512 hash value of Res, record it as hash512;
h. Insert 32 obfuscated characters into hash512, and the final result is recorded as P;

2. Handling of Sensitive Content in Articles 2~N

Assuming that the Kth label is currently being processed, K is located in the [2, N] interval;
 a. Obtain the vault-name and password entered by the user;
 b. Get the first K-1 labels of the user;
 c. Splicing the first K-1 labels in order, recorded as K-labels value;
 d. Splicing K-labels and the current label to be stored, denoted as wheel-labels;
 ......
 The subsequent steps repeat [1.Handling of Article 1 Sensitive Content], 
 and replace the label with wheel-labels;
 ......

Start Encryption

a. Based on the P value obtained in the previous step, use this value as the 
   initial entropy to generate a public-private key pair; denoted as Pair;
b. Calculate the SHA512 value of the Pair private key, splicing P and the obtained 
    SHA512 value, denoted as S; using S as the final AES encryption key,
c. Start the inner layer encryption with AES, the ciphertext is recorded as C1;
d. Use Pair's public key to perform secondary encryption on C1 to obtain the final ciphertext;

PreviousEncrypted Label NextContract Structure

Last updated 3 years ago