ETLS(Enhanced Transport Layer Security)

Author

auxten, CovenantSQL
May, 2018"

ETLS(Enhanced Transport Layer Security) is the Transport Layer Security of CovenantSQL.

RPC Signature Features

Use Elliptic Curve Secp256k1 for Asymmetric Encryption
ECDH for Key Exchange
PKCS#7 for padding
AES-256-CBC for Symmetric Encryption

Some Knowledge

// Elliptic Curve Public Key can be computed form Private Key
ECPubKey := ECPrivKey.Pub()
GenECDHSharedSecret(BPub, APriv) == GenECDHSharedSecret(APub, BPriv)

EncryptAndSign Main Procedure

Pseudo Code below:

newPrivateKey, newPubKey := genSecp256k1Keypair()
encKey, HMACKey := SHA512(ECDH(newPrivateKey, inputPublicKey))
PaddedIn := PKCSPadding(in)
OutBytes := IV + newPubKey + AES-256-CBC(encKey, PaddedIn) + HMAC-SHA-256(HMACKey)

Key Management RPC Sequence

Key Management RPC Sequence Explaination in a Chart:

CovenantSQL Authors

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

ETLS(Enhanced Transport Layer Security)

Author

RPC Signature Features

Some Knowledge

EncryptAndSign Main Procedure

Key Management RPC Sequence

Clone this wiki locally