transferProxyTokenEncryptionAesKey: transfer-proxy-token-encryption-aes-key → What value?

[jerzy-wachowiak]

Discussion transferred from eclipse-edc/Connector#3110

AES is a symmetric encryption algorithm, used in EDC for securing EDR (?). If a CX network consists of several EDCs all of them have to use the same aes-key. (The aes key is set as EDC global in 0.3.4 in

tractusx-edc/charts/tractusx-connector/values.yaml

Line 510 in 568c5b7

transferProxyTokenEncryptionAesKey: transfer-proxy-token-encryption-aes-key

)

1. Is the above statement correct?
2. If yes, what is the value of aes-key used for data exchange on INT (Hotel Budapest)?

Additionally, I would like to ask for the difference between encryptionAesKey and transfer-proxy-token-encryption-aes-key (Stephans question)

[stephanbcbauer]

Thx @jerzy-wachowiak for the transfer to tractusx-edc

[stephanbcbauer]

@jerzy-wachowiak, @paullatzelsperger this is just a copy paste from our last meeting as a result for this discussion. If this answers your question, please mark the dscussion as answered. thx :)

@jerzy-wachowiak Do we use the same AesKey in the whole network (hotel budapest)? Does each EDC has to use the same AesKey? Do every out of 100 EDCs has to have the same AesKey?

Answer from colleague -> One AesKey for one instance. I have my own AesKey, I do not share my key. You have your own AesKey.

AesKey is used for data encription from EDR to provider / consumer and back. You yourself need to be able to decrypt it. Once cycle is complete, you decrypt it. You don't want anyone outside your EDC to be able to decrypt it.

[stephanbcbauer]

@jerzy-wachowiak did the answer help? If yes, please mark it as answered. THX