AsymmetricCryptography : An extension for asymmetric cryptography

Hi @Harsh_Rajput Welcome to Kodular Community
Yes you can use it with any database.
It is not any database specific so it can be independently used with all databases.
But it will be very complex thing because you will have to save your own public and private key in database so that you can use those keys to encrypt and decrypt data.

1 Like

More KeyLength means more security
Know more here:
https://www.javamex.com/tutorials/cryptography/rsa_key_length.shtml

2 Likes

Thanks vknow360 Ya i understood but when we stored keys in our database, there are some possibilities to hacker to get keys from database and then hack the whole data.
I’m still doubted. May be it’s not 100% secure.

Then use keys directly in your app.

@vknow360 your extension looks amazing, keep up the good work!

2 Likes

He is a good extension developer…
@vknow360 is very young
He will 15 years old in some days…

1 Like

ChangeLog Version 2
Changes

  • Some internal changes so that you don’t have to call ‘GenerateKeys’ method to initialize extension.
3 Likes

Big thank you for creating this great extension! Asymmetric encryption was the one thing I couldn’t find in kodular. However, I have a couple of suggestions that would help a lot with usability.

First suggestion is to include an option to be able to encrypt using multiple public keys in a list. This would allow text (data) to be later decrypted by any one of two or more private keys. If you think of a chat app, at a minimum, you would likely want two public keys. A chat message should be encrypted with both the receiver and sender public keys. This way, you would only need to store one copy in a database that could be read by sender or receiver. Also, you could potentially have multiple recipients. Work around would be to store multiple copies of a message, one for each person, but that is not practical when storing or transmitting data.

Second option I would like to see is option to encrypt data besides text such as pictures, video or audio. Again, using a chat app as an example, it is common to attach an image.

Hi @jl9322 Welcome to Kodular Community
Glad you liked it :heart_eyes:

It seems fine from one side but when you go deeper you will find that you are compromising with your privacy.The logic behind asymmetric encryption is that it encrypts data in such a way that the one who has private key can decrypt the data. But what if there will be two public and private keys? Well in that case if someone somehow got one of both keys then your data can be decrypted easily.

I will try to add this :slightly_smiling_face:
Thank you for your suggestions :heart:
I found this useful so I want to share it with you:

1 Like

Thanks for the reply @vknow360 and for taking my suggestions into consideration. :blush:

I see your point on security is weakened by using multiple keys to encrypt. However, the additional risk should be up the to app designer and users. It would be like sharing a secret, the more people you tell, the more likely your secret will get out, but a choice that is made.

I would think using multiple public keys is a fairly common use case, especially if the two keys belong to the sender and recipient of a message or file. Without this option, only the recipient (private key holder) would be able decrypt the data. The person that encrypted the data would have no way to then decrypt it.

Using a chat app as an example, where message are stored on a server, the message would have to be encrypted and stored twice for both the sender and recipient to be able to later fetch and read the message. I would think that it would be more practical in most cased just to encrypt the message once with two public keys.

Still using a chat app as an example, if you had a conversation between three people, it would get much more complicated to encrypt messages. Sender would have to encrypt message three times, two recipients plus their copy of sent message. Then there would be no way to guarantee or prove that all recipients received the same message or data.

Another example may be where a user wants to secure some data, but have the option for someone else to possibly be able to retrieve a document. Say an employ secures a document, but needs one or more people to be able to decrypt it for use or as a back up without having to share the private key. With only one key, there is no back up if something happens to the one and only private key.

This app GitHub - open-keychain/open-keychain: OpenKeychain is an OpenPGP implementation for Android. is an example of an implementation which allows for multiple public keys to encrypt a file.

I hope you will consider looking into providing this as an option.

3 Likes

Your chat app example reminds me a wonderful and useful post by Evan W. Patton on MIT AI2 community:

If I am not wrong KeyChain is an Android implementation of PGP which also uses Asymmetric Encryption.It implements a solution such that symmetric encryption is used to encrypt data, and asymmetric encryption is used to encrypt the key.
Now if you want to use PGP in Kodular then use Cryptography component and this extension together.

2 Likes

use this extension for encryt videos ?

Hi @The_Revenger_Studios Welcome to Kodular Community

Since extension can only encrypts string so first you will have to convert video to string and then you can encrypt that string using this extension.

How this can be possible?
Can you please explain how to do it?

Another Great extension by @vknow360

Please make speed check extension

Using this:

2 Likes

Hi @vknow360,

This is indeed another interesting extension. For sure I am one of many who are testing this to work. For now I am trying to have a successful “encryption”. I downloaded from the link above and changed the labels for me to fully understand. Probably if it works I will document it so that everyone can follow from top to bottom.

1 Like

Hi @vknow360

Below is when the key is too short

1 Like

Hi @vknow360,

Bellow using default, with key length and without but seems both of them have the same error response. May I know what should be the steps? Sorry really newbie here.

1 Like