docs/federation/encryption.md
---
title: Encryption
---
diaspora\* wraps the Salmon [Magic Envelope][magicsig] into a simple JSON structure, to encrypt private messages.
## Encrypted Magic Envelope
### JSON structure
~~~json
{
"aes_key": "...",
"encrypted_magic_envelope": "..."
}
~~~
| Key | Description |
| -------------------------- |------------------------------------------------------------------------------------------------------------------------ |
| `aes_key` | The [AES Key JSON](#aes-key-json-structure) encrypted with the recipients public key using RSA and then base64 encoded. |
| `encrypted_magic_envelope` | The [Magic Envelope][magicsig] encrypted with the `aes_key` using AES-256-CBC and then base64 encoded. |
### AES Key JSON structure
~~~json
{
"key": "...",
"iv": "..."
}
~~~
| Key | Description |
| ----- |---------------------------- |
| `key` | The base64 encoded AES key. |
| `iv` | The base64 encoded AES iv. |
Both `key` and `iv` have to be suitable for AES-256-CBC.
## Additional information and specifications
* [Magic Envelope][magicsig]
[magicsig]: {{ site.baseurl }}/federation/magicsig.html#magic-envelope