Add seed used for deterministic encryption #278
Description
Problem
Currently, encryption is non-deterministic due to ephemeral random scalar generation. This means different processes running the same call with same inputs leads to different set of bytes, albeit all valid and correct.
If one needs to achieve determinism, this approach does not allow for it.
Solution
Add an additional seed input to the encrypt call from which the ephemeral random scalar used for encryption is generated from.
This results in all nodes having the exact same set of output bytes.
Important
With this addition, the security of encryption is shifted to whoever calls the encryption method. The passed seed should never be disclosed as it compromises the encryption. Anyone with access to the seed will be able to decrypt the ciphertext.
Metadata
Metadata
Assignees
Labels
No labels