Skip to content

Latest commit

 

History

History
46 lines (32 loc) · 2.58 KB

service-cryptography.md

File metadata and controls

46 lines (32 loc) · 2.58 KB

Backend Challenge - Cryptography Service

Introduction

The "Cryptography Service" challenge is designed to build a service that provides encryption and decryption functionalities, ensuring data security through cryptographic techniques.

Objectives

  • Understand basic cryptographic concepts.
  • Implement encryption and decryption functionalities.
  • Secure sensitive data in a backend application.

Instructions

  1. Objective: Develop a service that offers encryption and decryption of data using a chosen cryptographic algorithm (e.g., AES, RSA).

  2. Environment Setup: Choose your preferred programming language (e.g., JavaScript, Python, Java, C#) and set up the necessary environment.

  3. Implementation Details:

    • Endpoints:
      • Define an endpoint (/encrypt) that accepts data via HTTP POST requests and returns the encrypted data.
      • Define an endpoint (/decrypt) that accepts encrypted data via HTTP POST requests and returns the decrypted data.
    • Encryption and Decryption:
      • Implement encryption using a secure algorithm (e.g., AES for symmetric encryption, RSA for asymmetric encryption).
      • Implement decryption to reverse the encryption process and retrieve the original data.
    • Key Management:
      • Securely generate and manage encryption keys.
      • Store keys in a secure manner (e.g., environment variables, key management service).

  4. Testing: Test your service using a HTTP client (e.g., Postman, curl).

    • Send POST requests to the /encrypt endpoint with different data inputs and verify that the response contains the encrypted data.
    • Send POST requests to the /decrypt endpoint with the encrypted data and verify that the response contains the original data.

Possible Improvements

  • Authentication and Authorization: Implement authentication and authorization to control access to the encryption and decryption endpoints.
  • Logging and Monitoring: Add logging and monitoring to track encryption and decryption activities.
  • Algorithm Selection: Extend the service to support multiple cryptographic algorithms and allow clients to choose.
  • Performance Optimization: Optimize the encryption and decryption processes for better performance.
  • Key Rotation: Implement key rotation mechanisms to periodically change encryption keys.

Conclusion

By completing this challenge, you will gain practical experience in developing a cryptography service and learn essential practices for securing data in a backend application. Explore additional improvements and challenges to further enhance your skills.

Happy coding!