

CryptoHeaven Security - page 2/3

Some of the features of the service include secure and highly encrypted email, secure document storage, secure document sharing and distribution, secure message boards, and secure instant messaging. All services are fully encrypted using the latest technology, including the AES symmetric cipher Rijndael with the longest possible encryption keys of 256 bits, the SHA-256 and SHA-512 message digest algorithms, and RSA asymmetric encryption with keys of 1024-4096 bits in length.

The user-name and passphrase, together with additional salt, create a unique user pass-code. This pass-code is known only to the user and is never shared, stored, or sent anywhere. If a user forgets his user-name or passphrase, all of his data stored on the server becomes inaccessible forever to anyone. We have no ability to recover any portion of the data or the lost pass-code.

When a new user account is created, the user generates his personal private/public key pair. The public portion of the key is then sent to the server, where it can be picked up by others connecting to the system. The private portion of the key is encrypted with the user's pass-code and, at the user's choice, either stored on the local computer or sent to the server. When the encrypted private key resides on the server, the user benefits from the ability to access his account from anywhere in the world through the Internet.

The user's software uses the private key portion directly or indirectly to decrypt all of the data stored on the server. Other clients use the public portion of a user's asymmetric key to send messages, provided they are authorized to do so through active contacts.

Secured communication starts with the server sending the client a one-time, short-term, randomly generated session key encrypted with the user's public key. The client uses his private key to decrypt the session key, applying his pass-code and the Rijndael(256) algorithm. From that point on, everything passing through the communication channel is encrypted using that key. The communication layer, sitting between the application and the network, automatically encrypts and decrypts all communications on both the client and the server. The communication protocol protects data confidentiality and protects against packet dropping, reordering, or any other modification.
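
An added example, not CryptoHeaven's code: the page does not say how the protocol detects dropped, reordered or modified packets, so this example assumes one common construction, an HMAC-SHA-256 tag computed over a per-record sequence number and the payload, keyed from the session key. The names `RecordChannel` and `demo` are hypothetical, and payload encryption is left out so the block stays on ordering and integrity.

```python
import hashlib
import hmac
import os

TAG_LEN = 32  # HMAC-SHA-256 output size

class RecordChannel:
    """One direction of a session; seals or opens records in strict order."""
    def __init__(self, session_key: bytes):
        # Separate MAC key derived from the session key (assumed construction).
        self._mac_key = hmac.new(session_key, b"record-mac", hashlib.sha256).digest()
        self._seq = 0  # next sequence number to send or accept

    def _tag(self, seq: int, payload: bytes) -> bytes:
        # The sequence number is authenticated together with the payload.
        data = seq.to_bytes(8, "big") + payload
        return hmac.new(self._mac_key, data, hashlib.sha256).digest()

    def seal(self, payload: bytes) -> bytes:
        record = payload + self._tag(self._seq, payload)
        self._seq += 1
        return record

    def open(self, record: bytes) -> bytes:
        if len(record) < TAG_LEN:
            raise ValueError("record too short")
        payload, tag = record[:-TAG_LEN], record[-TAG_LEN:]
        # A dropped, reordered or altered record fails here: its tag was
        # computed over a different sequence number or different bytes.
        if not hmac.compare_digest(tag, self._tag(self._seq, payload)):
            raise ValueError("record modified or out of sequence")
        self._seq += 1
        return payload

def demo() -> dict:
    key = os.urandom(32)  # constructed stand-in for the one-time session key
    tx = RecordChannel(key)
    r0, r1, r2 = (tx.seal(m) for m in (b"msg-0", b"msg-1", b"msg-2"))
    streams = {"in_order": [r0, r1, r2], "dropped": [r0, r2],
               "reordered": [r1, r0], "tampered": [bytes([r0[0] ^ 1]) + r0[1:]]}
    results = {}
    for name, stream in streams.items():
        rx = RecordChannel(key)  # fresh receiver per scenario
        try:
            results[name] = [rx.open(r) for r in stream]
        except ValueError:
            results[name] = "rejected"
    return results
```

Calling `demo()` runs four constructed streams through a fresh receiver; only the in-order stream is accepted in full.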

The data encryption layer provides a second level of security, encrypting all of the data content directly or indirectly with the recipients' public keys. This ensures that when the packets are received at the server and stored in our Data Center, nobody can decrypt the contents except for the designated recipients.


Consult the CryptoHeaven Security FAQ for more information.

The source code is available for download.

 
 © 2001-2010 CryptoHeaven, Inc.