fedimint_aead

Function get_encryption_key

pub fn get_encryption_key(password: &str, salt: &str) -> Result<LessSafeKey>

Key used to encrypt and authenticate data stored on the filesystem with a user password.

We encrypt certain configs to prevent attackers from learning the private keys if they gain file access. We authenticate the configs to prevent attackers from manipulating the encrypted files.

Users can safely back up config and salt files to other media, even media the attacker can access, as long as the attacker does not learn the password and the password has enough entropy to prevent brute-forcing (e.g. 6 random words).

We use the ChaCha20 stream cipher with Poly1305 message authentication, as standardized in IETF RFC 8439. Argon2 is used for memory-hard key stretching, along with a randomly generated 128-bit salt to discourage rainbow table attacks.

  • password - Strong user-created password
  • salt - Nonce >8 bytes to discourage rainbow table attacks