[HELP] Safe inter-process messaging between actors on same machine, without installing a certificate

[mersu898]

I'm considering to refactor the architecture of a monolith desktop application into a new one, splitting the solution into multiple processes: the UI, a backend service and multiple workers, which will together perform a time-consuming operation.

Some of these workers will need to run with elevation privileges (in fact this is one of the reason for changing the architecture).

Additionally, sensitive information might be transmitted between all these processes (e.g.: user credentials, keys derived from user-provided password, etc.). Therefore, inter-process info needs to be encrypted. However, since all the processes will run on the same machine, I would not like to install any SSL certificates on the machine, since that could be exposed for attackers.

Can Akka.NET be used for this new architecture? I would implement Actors on all processes, and I believe Akka.Remote can take care of inter-process messaging, but I'm still unsure about the security mechanism.

Docs mention TLS, but the installation of a certificate is mandatory. Is it possible to tune that configuration? Maybe someway of generating the RSA key-pair randomly on demand, and sending the public key to the processes (and keeping the private key in-memory on the backend service; maybe use an expiration time for it, etc).

Are there other ways, or settings, to implement inter-process actor messaging security like mentioned above?

Thanks in advance!