Cryptography

Introduction

Cryptography in Robility uses algorithms and techniques to protect data, messages, and transactions from unauthorized access or tampering. This includes methods like encryption, decryption, and hashing to ensure security. Cryptography is essential for maintaining data confidentiality, integrity, and authenticity within RPA.

Key Concepts

1. Encryption: Transforms readable data (plaintext) into an unreadable format (ciphertext) using an algorithm and a secret key, ensuring that only someone with the decryption key can read it.
2. Decryption: Converts the unreadable ciphertext back into readable plaintext using the correct algorithm and decryption key.
3. Hashing: Creates a fixed-length value (hash) from input data using algorithms like MD5, SHA-1, or SHA-256. This ensures data integrity and securely stores passwords.

Benefits

1. Data Confidentiality: Encryption methods like AES (Advanced Encryption Standard) ensure sensitive data stays private and unreadable by unauthorized users, protecting personal information, financial data, and proprietary information.
2. Data Integrity: Hashing algorithms like SHA-256 or SHA-512 create unique hash values for data. These hashes verify data integrity by comparing values before and after transmission. If data changes, the hash will be different, indicating possible tampering.
3. Secure Communication: Cryptographic protocols like TLS or SSL secure communication between bots, servers, and external systems. They encrypt data during transmission, preventing unauthorized access and attacks.
4. Access Control: Cryptographic keys control access to sensitive data. Only those with the correct keys can decrypt and view the information, ensuring that only authorized users can access and modify encrypted data.
5. Compliance Requirements: Cryptography helps organizations comply with data protection laws and standards like GDPR, HIPAA, and PCI DSS, which often require encryption and hashing to protect sensitive information.

Secret Key

A secret key, also known as a symmetric key or private key, is used in symmetric encryption algorithms for both encryption and decryption. This key is crucial for maintaining data security and confidentiality in automation processes involving sensitive information. Different types of data that can be used as a key include:

1. Random Data: Randomly generated data of the required length, crucial for security as predictable keys are vulnerable to attacks.
2. Passphrases: A sequence of words or characters that can be used as a key. Passphrases are easier to remember than random strings but must be long and complex enough to resist attacks.
3. Derived Keys: Keys generated from other data, such as passwords, using Key Derivation Functions (KDFs). KDFs enhance security by adding features like salting and iteration.
4. Key Files: Keys stored in securely managed files accessed by the encryption software. These files may contain binary data or encoded key information.
5. Pre-shared Keys (PSKs): Symmetric keys shared in advance between communicating parties in protocols like TLS or VPNs, used to establish secure communication channels.

Limitations for the secret key for each algorithm:

AES GCM, AES, Rijndael: The key length must be 16 characters.
DES: The key length must be 8 characters.
RC2: The key length must be 5 characters.
TripleDES: The key length must be 24 characters.

Key Encoding

Key encoding involves representing cryptographic keys in a specific format that is suitable for encryption, decryption, and hashing algorithms. This ensures that keys are compatible with cryptographic operations and can be securely managed and transferred between systems.
Robility’s Cryptography feature supports 148 different encoding types. Here are some of the most commonly used key encoding methods:

1. Unicode
2. Unicode (Big-Endian)
3. Unicode (UTF-32)
4. Unicode (UTF-32 Big-Endian)
5. US-ASCII
6. Western European (ISO)
7. Unicode (UTF-8)