Community
How and where are my authoriztion credentials stored?
Lytics takes great care to securely store any tokens or authorization credentials necessary to maintain connection to up or downstream channel tools. Upon submitting any type of auth credentials, such as oAuth or key/secret, an "authorization" record is created in our account database. This contains the contextual information such as author, description, etc, as well as an encrypted copy of your credentials.
When it comes to the encryption we adhere to the Advanced Encryption Standard (AES) to ensure credentials are never surfaced in a consumable way outside of our backend system processing. Any API calls will result in returning either no credentials or an encrypted version of the credentials.
What is AES?
AES, or Advanced Encryption Standard, is a block cipher that was selected by the U.S. National Institute of Standards and Technology (NIST) as the standard for the encryption of electronic data. AES is a symmetric cipher, which means that the same key is used for both encryption and decryption. AES is a block cipher, which means that it operates on data in blocks of 128 bits. AES has three key sizes: 128 bits, 192 bits, and 256 bits. The 128-bit key size is the most common, but the 192-bit and 256-bit key sizes are also secure.
AES is a secure algorithm because it has a large key space and a complex structure. The key space is the number of possible keys that can be used to encrypt data. The larger the key space, the more difficult it is to break the encryption. AES has a key space of 2128, which is an extremely large number. The complex structure of AES makes it difficult to find weaknesses in the algorithm.
AES has been extensively tested and has not been broken to date. It is widely used by governments, businesses, and individuals to protect sensitive data.