id: encrypted-envelope title: Encrypted Envelope sidebar_label: Encrypted Envelope
Milagro DTA enables Principals (who required secrets to be safeguarded) to communicate with Fiduciaries (who provide a Custodial servce). To facilitate this transaction communication between the parties must be secure i.e. can only be read by the intended recipient and attibutable i.e. can be cryptographically verified to have been signed by known actors. Milagro DTA provides a this mechansim using an “encrypted envelope” format.
:::tip Milagro DTA Encrypted Evelope format is conceptually similar to S/Mime For more information about S/MIMEclick here :::
Overview
- The message consists of a header and body
- The message body can be plain text or encrypted with an aes key.
- The aes key for decrypting cyphertext is “encapsulated” i.e. encrypted using each recipient's public key
- The sender signs the message
- The meassge header contains a list of each recipient's encrypted version of the key
- The message is pushed to IPFS and the IPFS address hash is sent to the recipients
- The recipients read the message and verify the signature
- Only recipients with the matching secret keys can decrypt the aes key and use it to read the encrypted message bodies
:::note Post Quantum Cryptography At the time of writing Milagro DTA uses two cryptography libraries from submissions to the NIST Post-Quantum Cryptography Standardisation Project.
Multpart Messages
The Milagro DTA encrypted envelope is designed to facilitate a dialogue between the Principal and Fiduciary. Requests and responses are appended to the original document and published back to IPFS wich returns new HASH address. I this way an immutable copy of each transaction is maintained, but the intended recipients can view the intire history of the transaction (if they have the required decryption keys) can be seen within each update, providing additional assurance and verification and reducing round trips to IPFS.