# Encryption

## Notes

1. Data-in-transit security by encrypting the communication channel: This is a must-have anyway and TLS 1.2 and above will be used (https), for communication between the FIU app and the AA web app.
2. Additional Data-in-transit security through encryption of data:

All encryption must be done using AES 256. For the AES 256 encryption below will be used:

**IV** – This can be 0\
**SALT** – This will be the reqdate or resdate\
**FI** – This will be the unique FIU ID ( i.e. the FIU entity id )\
**SECRETKEY** – This will be the secret passphrase shared by the AA with the FIU.

## References

* <https://mkyong.com/java/java-aes-encryption-and-decryption/>


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://sahamati.gitbook.io/aa-redirection-guidelines/specification/encryption.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.