At the end of last sprint, we had finally resolved compilation problems that 3 of our 5 team members were experiencing, and we have Jason Knowles to thank for that. Our team felt a rejuvination of morale at the beginning of this sprint, and we began finally resumed work on implementation of our offline encryption-service. We split up the labor of implementing the service, among our 5 team members. I was made responsible of implementing functionality for ‘salting’. In encryption, a ‘salt’ is piece of random data that is used as an additional input to a hash function. Within the hash function, the salt is concatenated to the password or passphrase to be hashed, which will help defend the encrypted data from rainbow table attacks. I spent our first couple meetings researching salt, and was absent for most of the third meeting because I had to attend a lecture. As I have mentioned in earlier blog posts, our team planned to use the crypto-js encryption library for our offline encryption service – but when I did make it to the third meeting, my team members were having problems importing the crypto-js library into the Ampath application source. I had not experienced this problem yet because I had been doing all my implementation for the service within an npm runkit that had crypto-js integrated. This problem, apparently, ruined productivity for that meeting and the majority of it and the following meeting were spent trying to resolve this issue. Our teammate, Henry, began to have errors within his application toward the end of the sprint, haulting his progress. We were unable to resolve these issues by the end of the sprint.
During the second half of the sprint, I worked on implementation of the salting functionality. We discussed approaches with Matt Foley, of one of the other development teams, and we came up with a plan. Their team is working on an offline login service, and login data is currently the primary focus of our offline encryption. We decided that the salt for login data encryption would be the user’s username and the timestamp of their computer at the time of their login. One meeting was spent merging changes from our group repository with my working repository. Once that was done, I spent the remainder of the sprint writing a mock service for salting functionality. I did my rough work in an npm runkit with crypto-js integrated, because we were not able to figure out how to import crypto-js into the Ampath application. This is a major problem as we do not have any more time to research other encryption libraries. We decided that we will just all write mock implementation for the purposes of our end-of-semester presentation. The implementation for salting functionality seems pretty simple to me it is just incredibly unfortunate that we can not get the library imported into the application. Professor Wurst said that we can still work on implementation if we wish, but we will have to reserve only a small amount of time for it as we have to prepare for our presentation.