Canvas comes with simple and secure Encryption and Decryption to protect and safeguard the data shared between Server and Client.
| Note |
|---|
When you enable encryption, Canvas will encrypt all requests coming to your application including log out. |
Features:
- It encrypts and decrypts every requests and responses in both the Server and the Client side.
- It provides with a secret key established between the client and the server using Diffie-Hellman Key Exchange mechanism used for the client and the Server side encryption and decryptionkey exchange mechanism, post which, the actual encryption takes place with this secret key using AES-GCM encryption algorithm.
- It provides General Public Keys a secret key for the Client and the server side encryption and decryption.
- It provides the ability to persist the Secret key for a session.It provides the ability to exchange the Public key at every page reload in the browsers those do not support session-storage.
- It provides the ability to enable and disable the encryption and decryption.
- It provides AES - GCM security measures in order to enhance the safety features during encryption.
- It provides the ability to prevent from Man-in-the-middle attack.