What type of encryption is used?

Other FAQs

PicSafe uses RNCryptor for all encryption. RNCryptor is a cross-language AES Encrypter/Decrypter data format.

The data format includes all the metadata required to securely implement AES encryption, as described in "Properly encrypting with AES with CommonCrypto," and iOS 6 Programming Pushing the Limits, Chapter 15. Specifically, it includes:

  • AES-256 encryption
  • CBC mode
  • Password stretching with PBKDF2
  • Password salting
  • Random IV
  • Encrypt-then-hash HMAC

This format was used because it is widely supported. This makes it easier for institutions to integrate PicSafe into their medical record systems. There are implementations of RNCryptor in Swift, Objective-C, C, C++, C#, Erlang, Go, Haskell, Java, PHP, Python, Javascript, and Ruby.