Encryption and Decryption Process
Encryption Process:
Once a message is created, it must be encrypted. XQ’s process begins with retrieving quantum entropy from the XQ quantum server to either be used as the secret key for the encryption or as a seed for generating a new key pair. After the quantum entropy is received, the encryption is configured using a selected cryptographic library, such as OpenSSL. Next, the user is validated via the subscription server, returning a pre-auth token. The account is either confirmed via confirmation email or via API call with associated PIN from email and pre-auth token. Once the account is activated, the pre-auth token is submitted to the subscription server to receive an access token. The key is then submitted to the server with the access token and the recipient address. An encrypted packet is received which is then submitted along with the same access token to the validation server. The packet is verified and a locator token is returned, which will be used by the recipient to request the key.
Decryption:
- Client receives encrypted message and the token
- Client makes request to XQ backend and passes access token and the token extracted from the message
- Backend checks that access token received is valid and checks that the user who sent the token is a valid user and allowed to view the message
- After user is validated as a recipient, backend sends encryption key to that client
- Client uses encryption key to decrypt the data.
Comments
Nice work