IDP Cryptography Use Cases - Integratingfactor/lib-idp-crypto GitHub Wiki

client side encryption/decryption using secret key

  • library will provide engine class to generate/issue secret key
  • IDP service will provide API to register secret key based on user account/project ID and client scope
  • IDP service will provide API to get secret key based on user account/project ID and client scope
  • IDP service will use secret key for server side encryption of user's data

client side decryption using private key

  • library will provide engine class to generate/issue key pair
  • IDP service will provide API to get private key for user account/project ID based on client scope
  • clients will use private key to decrypt user's sensitive data

server side encryption using public key

  • library will provide engine class to generate/issue key pair
  • IDP service will provide API to register public key for user account/project ID based on client scope
  • IDP service will use public key to encrypt user's sensitive data

server side encryption/decryption using secret key

  • library will provide engine class to generate/issue secret key
  • IDP service will use secret key for server side encryption of sensitive data

server side encryption/decryption using user's passphrase

  • library will provide engine class to generate/issue passphrase-based encryption (PBE) key
  • IDP service will provide API to register PBE key for user account/project ID based on client scope
  • IDP service will use PBE key for server side encryption of user's sensitive data
  • IDP service will provide API to get PBE key for user account/project ID based on client scope
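A sketch of the passphrase use case above, added here as an illustration using only the standard JCA classes; it is not code from lib-idp-crypto, and its engine class may differ. The class name `PbeExample`, the iteration count, the blob layout and the account/project/scope string used as associated data are assumptions.

```java
import javax.crypto.*;
import javax.crypto.spec.*;
import java.nio.charset.StandardCharsets;
import java.security.SecureRandom;
import java.util.Arrays;

public class PbeExample {  // hypothetical name, not the library's engine class
    static final int ITERATIONS = 210_000;  // assumed work factor, tune per deployment
    static final SecureRandom RNG = new SecureRandom();

    // Derive a 256-bit AES key from the passphrase and a random per-user salt.
    // The salt is not secret, but it must be stored so the key can be re-derived.
    static SecretKey deriveKey(char[] passphrase, byte[] salt) throws Exception {
        PBEKeySpec spec = new PBEKeySpec(passphrase, salt, ITERATIONS, 256);
        byte[] raw = SecretKeyFactory.getInstance("PBKDF2WithHmacSHA256")
                .generateSecret(spec).getEncoded();
        spec.clearPassword();
        return new SecretKeySpec(raw, "AES");
    }

    // Assumed output layout: 12-byte random nonce || ciphertext || 16-byte GCM tag.
    static byte[] encrypt(SecretKey key, byte[] plaintext, byte[] aad) throws Exception {
        byte[] nonce = new byte[12];
        RNG.nextBytes(nonce);  // a nonce must never repeat under the same key
        Cipher c = Cipher.getInstance("AES/GCM/NoPadding");
        c.init(Cipher.ENCRYPT_MODE, key, new GCMParameterSpec(128, nonce));
        c.updateAAD(aad);  // binds the ciphertext to its account/project/scope
        byte[] ct = c.doFinal(plaintext);
        byte[] out = Arrays.copyOf(nonce, nonce.length + ct.length);
        System.arraycopy(ct, 0, out, nonce.length, ct.length);
        return out;
    }

    // Throws AEADBadTagException if the key, the blob or the AAD does not match.
    static byte[] decrypt(SecretKey key, byte[] blob, byte[] aad) throws Exception {
        Cipher c = Cipher.getInstance("AES/GCM/NoPadding");
        c.init(Cipher.DECRYPT_MODE, key, new GCMParameterSpec(128, blob, 0, 12));
        c.updateAAD(aad);
        return c.doFinal(blob, 12, blob.length - 12);
    }

    public static void main(String[] args) throws Exception {
        byte[] salt = new byte[16];
        RNG.nextBytes(salt);
        // Constructed sample values, not taken from the project.
        byte[] aad = "account-123/project-42/scope-read".getBytes(StandardCharsets.UTF_8);
        SecretKey key = deriveKey("correct horse battery staple".toCharArray(), salt);
        byte[] blob = encrypt(key, "user's sensitive data".getBytes(StandardCharsets.UTF_8), aad);
        System.out.println(new String(decrypt(key, blob, aad), StandardCharsets.UTF_8));
    }
}
```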