notnick2/hyperswitch-encryption-service

 
 

Cripta

Overview

A lightweight, performant service to encrypt and decrypt your data and manage your encryption keys in secure storage.

The encryption service provides the following main functionality:

  • Encryption and Decryption: Encrypt and decrypt data using secure algorithms and the managed data encryption keys (DEKs).
  • Key Management: Generate and store keys per entity; each key is encrypted by a master key and stored securely.
  • Key Rotation: Rotate DEKs on demand to enhance security and comply with organizational policies.

How does it work

  • The application communicates with the service to create a key for a specific entity.
  • The next time the application has to encrypt or decrypt data related to that entity, it sends the entity identifier and the base64-encoded data, and the Key Manager encrypts or decrypts it for the application.
  • All communication between the application and the encryption service is authorised by mutual TLS.
  • All Data Encryption Keys are encrypted either by a securely generated AES-256 key or by a hosted Key Management Service (AWS KMS, HashiCorp Vault, etc.).
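
The key hierarchy from the list above, as an added Go example that is not taken from the Cripta code base (which is written in Rust): a per-entity DEK is generated, stored only in wrapped form under a 32-byte master key, and unwrapped when data has to be encrypted or decrypted. AES-GCM as the mode, the entity ID as associated data, and the names `seal`, `open`, `NewWrappedDEK` and `merchant_1` are assumptions of this example.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"fmt"
)

// must panics on failures that mean a bug or a broken RNG (wrong key size, rand error).
func must[T any](v T, err error) T {
	if err != nil {
		panic(err)
	}
	return v
}

// seal returns nonce || AES-GCM ciphertext and tag; aad is authenticated but not stored.
func seal(key, pt, aad []byte) []byte {
	g := must(cipher.NewGCM(must(aes.NewCipher(key)))) // a 32-byte key selects AES-256
	n := make([]byte, g.NonceSize())
	must(rand.Read(n))
	return g.Seal(n, n, pt, aad)
}

// open reverses seal; it fails if the key, the aad or any ciphertext byte differs.
func open(key, ct, aad []byte) ([]byte, error) {
	g := must(cipher.NewGCM(must(aes.NewCipher(key))))
	if len(ct) < g.NonceSize() {
		return nil, fmt.Errorf("ciphertext too short: %d bytes", len(ct))
	}
	return g.Open(nil, ct[:g.NonceSize()], ct[g.NonceSize():], aad)
}

// NewWrappedDEK makes a random DEK and returns only its wrapped form, bound to the entity ID.
func NewWrappedDEK(master []byte, entity string) []byte {
	dek := make([]byte, 32)
	must(rand.Read(dek))
	return seal(master, dek, []byte(entity))
}

func main() {
	master := make([]byte, 32) // constructed stand-in for the service's master key
	must(rand.Read(master))
	row := NewWrappedDEK(master, "merchant_1") // what the key table would store
	dek := must(open(master, row, []byte("merchant_1")))
	data := must(open(dek, seal(dek, []byte("card data"), nil), nil))
	_, err := open(master, row, []byte("merchant_2")) // same row under another entity ID
	fmt.Println(string(data), len(row), err)
}
```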

Architectural diagram

About

Hyperswitch Encryption Service is an open-source encryption, decryption and key management service.

Languages

  • Rust 97.7%
  • Shell 1.7%
  • Dockerfile 0.6%