Encrypted Label

1. Using the ratchet algorithm to derive the key value of the current tag; 2. Considering the processing efficiency, only the tag is encrypted with single-layer AES;

Key Value Generation

Processing of the first label

a. Obtain the vault-name and password entered by the user;
b. Splicing the vault-name and password, denoted as S;
c. Perform KECCAK256 operation on S, record it as origin-password;
d. Based on the origin-password, obtain a 32-byte salt value;
e. Perform scrypt slow hash processing on the salt value and origin-password obtained
 in the above steps;
f. Perform SHA512 operation on the result obtained in step e, and the result value is 
 the AES encryption key of the label;

2. Processing of the 2nd~Nth label

Assuming that the Kth label is currently being processed, K is located in the [2, N] interval;
 a. Obtain the vault-name and password entered by the user;
 b. Get the first K-1 labels of the user;
 c. Splicing the first K-1 labels in order, recorded as K-labels value;
 d. Splicing the vault-name password and K-labels sequentially, denoted as S;
 e. Perform KECCAK256 operation on S, record it as origin-password;
 f. Based on the origin-password, obtain a 32-byte salt value;
 g. Perform scrypt slow hash processing on the salt value and origin-password 
    obtained in the above steps;
 h. Perform SHA512 operation on the result obtained in step e, and the result value 
    is the AES encryption key of the label;

AES Encryption

//CryptoJS supports AES-128, AES-192, and AES-256.
// It will pick the variant by the size of the key you pass in.
// If you use a passphrase, then it will generate a 256-bit key.
encryptMessage(message:string, password:string):string{
    return CryptoJS.AES.encrypt(message, password).toString();
}

PreviousRegistered Vault NextEncrypt Sensitive Content

Last updated 3 years ago