If you are able to donate and contribute to the Haven project, please click here. Thank you.
> In cryptography, encryption is the process of encoding messages or information in such a way that only authorized parties can decode and read what is sent. Encryption does not of itself prevent interception, but denies the message content to the interceptor.
In an encryption scheme, the intended communication information or message (referred to as plaintext), is encrypted using an encryption algorithm, generating ciphertext that can only be read if decrypted. For technical reasons, an encryption scheme usually uses a pseudo-random encryption key generated by an algorithm. It is in principle possible to decrypt the message without possessing the key, but, for a well-designed encryption scheme, large computational resources and skill are required. An authorized recipient can easily decrypt the message with the key provided by the originator to recipients, but not to unauthorized interceptors.
The purpose of encryption is to ensure that only somebody who is authorized to access data (e.g. a text message or a file), will be able to read it, using the decryption key. Somebody who is not authorized can be excluded, because he or she does not have the required key, without which it is impossible to read the encrypted information.
@Kovri implements various types of encryption in at least 4 essential capacities:
- Reseed for bootstrapping
- Garlic-routing: three layers of encryption (garlic-encryption) are used to verify the secure delivery of messages to the recipient/peer/destination
- Tunnel encryption: garlic messages are passed through a tunnel and encrypted by the tunnel gateway to the tunnel endpoint
- Transport layer encryption prevents the ability to decrypt messages at the media layer
For details on the types of encryption and cryptographic signatures used in Kovri and I2P, visit Java-I2P’s Cryptography