Privacy policy

Symmetrical

Symmetric encryption or secret key encryption uses the same key to encrypt and decrypt a message. Algorithms that use symmetric encryption are often faster, although this is not the most secure method for two reasons. First, it is necessary to have a secure sharing channel to exchange the secret key and the internet does not provide this security. Second, managing keys becomes more complicated as the number of people with whom the message is shared increases. Furthermore, symmetric encryption does not provide the possibility to verify the identity of the sender or receiver of the message in question.

Asymmetric

Asymmetric cryptography or public key cryptography uses a pair of distinct keys, one to encrypt the message and the other to decrypt it. The key to encrypt is known as the public key while the key to decrypt is known as the private key. This is the safest method for sharing messages on public channels like the internet. This is because only the public key is shared between the sender and the receiver, while the private key is used only to decrypt the message. It is important to note that in asymmetric cryptography we have the ability to know the user's identity, unlike symmetric cryptography.

The digital certificate is an electronic record that acts as an identity card and is a way to avoid communicating with an imposter.

As seen earlier, in asymmetric cryptography the public key can be shared freely on the internet. Therefore, an impostor can create a false public key for your friend and send it to you. The moment you encode a message, you are actually encoding for the imposter. Having the corresponding private key, he will then be able to decrypt your message easily. The digital certificate acts to prevent these situations. It is composed of several data that characterize an entity that is then associated with a public key. The digital certificate can be issued to individuals, companies, equipment and even network services. In addition, as a Certification Body, it is also responsible for publishing information about certificates that are no longer trusted.

The major disadvantages of digital certificates are basically their cost, which involves not only their acquisition, but also their periodic renewal, and also the inconvenient bureaucracy involved in their issuance.

"At rest" data is data that is stored somewhere: on a mobile device, on a laptop, on a server or on an external drive, for example. When data is at rest, it is not being moved from place to place.

An example of encryption that protects data at rest is “full disk” encryption (also sometimes called “device encryption”). Enabling full disk encryption encrypts all information stored on a device, protecting it with a passphrase or other authentication method. On a mobile device or laptop, this usually looks like a normal lock screen, which requires a password, passphrase or fingerprint. However, locking your device (requiring a password to unlock it, for example) does not always mean that entire disk encryption is enabled.

Entire disk encryption can protect your devices from people who have physical access to them. This is useful if you want to protect your data from people who share an apartment with you, co-workers, employers, school officials, family members, spouses, police or other public administration or justice officials. It also protects data on your devices if they are stolen or lost, if you, for example, forget your phone on the bus or in a restaurant by accident.

There are other ways to encrypt data at rest. One option, called “file encryption”, encrypts only a few specific files on a computer or storage device. Another option is “drive encryption” (also known as “disk encryption”): all data in a storage area or on a device is encrypted.

You can use these different types of encryption at rest in a combined way. For example, suppose you want to protect sensitive information contained in your medical documents. You can use file encryption to separately encrypt a specific medical file stored on your device. Then, you can use drive encryption to encrypt the part of your device where this medical information is stored. Finally, if you have enabled full disk encryption on your device, everything - all medical information, as well as any and all files on your drive, including files on your computer's operating system - is encrypted.

"Moving" data is information being transported from one place to another on a network. When you send a message in a messaging app, for example, it leaves your device for the servers of the company that developed the app, and then for your recipient's device. Another example is browsing the web: when you access a website, the data from that website is transmitted from the website's servers to your browser.

It is important to check whether the conversations you have with your recipient are encrypted - and it is also important to know whether they are encrypted via transport layer encryption or end-to-end encryption.

Cryptography is not a cure for all ills. Even if you send encrypted messages, they will be decrypted by the person you are chatting with. If the tips (the devices you are using to communicate with) are compromised, then your encrypted conversations may also be compromised. In addition, the person you are talking to can take print screens off the screen or keep records of the communication between you.

If you encrypt data in transit, it will protect the content of your conversations, but it will not encrypt the metadata. For example, you can use encryption to shuffle messages between you and a friend, making them incomprehensible, but this does not hide:

• that you and your friend are communicating.
• that you are using encryption to communicate.
• other types of information about your conversations, such as the location, time and extent of communication.

In addition, if you are the only person using encryption on a network, this metadata can be viewed as suspicious. That is why many crypto enthusiasts encourage everyone to use encrypted tools whenever they can: to normalize the use of encryption for those people who really need it.

The most common method of attack using encryption is brute force. This method consists of trying random keys until you hit the correct key. Any equipment that has access to the internet and that requires a username and password can be the victim of a brute force attack, such as e-mails. Therefore, it is important to know that the security of your key is directly proportional to its length. This is because the larger the key, the greater the number of possible combinations.

Taking all this information into account, encrypting your data when it is on the move on the network and also when it is at rest on your device is ideal for protecting you from a wide range of potential risks. Especially with regard to personal documents, confidential data, images and / or videos of a private nature, etc.

For your data on the go.

If you make a habit of using the Secret Messages Web and Mobile solutions, ALWAYS encrypt your documents before sending them to your recipients, it will dramatically decrease that unauthorized people have access to or even create copies of this data .

Our packaging technology makes it impossible even to discover the nature of encrypted information. That is, there is no way to know if the document was originally an image, a video, a .PDF file, etc.

For your data at rest.

The Secret Messages Mobile solution offers the feature of a SAFE (password protected) that stores your files using our encryption technology. In this way, even if unauthorized people gain access to your device, it will be impossible for them to be able to read the content of your documents.

Our packaging technology makes it impossible even to discover the nature of encrypted information. That is, there is no way to know if the document was originally an image, a video, a .PDF file, etc.