Crypviser’s technologies eliminate the German state-sponsored “State Trojan” (Bundestrojan) threat
So, why is Crypviser resistant to the “German State Trojan” — or “Bundestrojan”, and how has Crypviser eliminated this threat?
The Crypviser Network for private social communication is presented as a unified communication app — a “messenger” with the highest level of security and cryptography models based on Blockchain.
The “German State Trojan” is a malware “spying” software designed to spy on mobile devices, tablets and PCs. Its design was sponsored by the German government, in order to intercept user communication and track all messages, chats, calls, video records, photos and other private data.
Although we do not yet have detailed tech specifications or algorithms to explain how the “trojan” works, in Crypviser’s cryptographic and security models we have implemented disruptive and innovative encryption and authentication technologies to prevent and recognize all kinds of “Man in the Middle” (MiTM attacks), and provide professional data protection on all levels, including local, (on user devices), network and server side (service provider).
This means that attempts by any malware including the “State Trojan”, to intercept users’ data before it is encrypted on their devices — in other words any “MiTM” attacks — will be immediately eliminated by Crypviser using a decentralized model of encryption-key distribution through Blockchain and a new kind of client-server authorization powered by CrypID.
CrypID is a new kind of client-server authorization technology, where each Crypviser user receives a unique cryptographic key generated solely on the user’s local device, protected by user-related personal details such as a passphrase, screen-tracked finger-movement, fingerprints (depending on device), and other sources of protection.
CrypID is used for identifying users on the server’s side. Since it is generated based on multiple cryptographic hashes from different sources, and only a part of CrypID is submitted to the server, it maintains the strict anonymity of the owner. The second part of CrypID is solely stored on the user’s local device and never leaves that device.
A part of CrypID is registered on the Blockchain and associated with a user’s authentication public key (open key), which is used for, and a necessary part of data encryption.
Blockchain, alongside CrypID, guarantee and provide genuine authentication of encryption keys, so all attempts by malware, including the “State Trojan” of attacking users’ devices and “swapping” encryption keys will be detected by an integrated “intelligent intrusion detection” system, and the user will be notified immediately!
CrypID also uses the session keys generation process during the Crypviser’s user authorization on the server. The innovative validation process of CrypID takes place on both the user and server sides, which eliminates any manipulation with a user’s credentials on the provider side.
The next level of security is an OS-independent encrypted local storage on a user’s device. Access to the data on the Crypviser user’s storage is protected by a symmetric encryption key, which is located only on the local device.
To overcome physical loss of a local encryption key or loss due to malware activity, such as the “State Trojan”, the key is protected by a user-specific password provided during the account registration process.
The hash of the symmetric key is partially used for CrypID generation alongside the decentralized public-key distribution model.
Finally, using the most advanced, secure and reliable cryptographic protocols and encryption algorithms — such as symmetric chipper Salsa20/20 — the security of Crypviser communication platform is impenetrable, leaving no chance for any malicious tools, including the German “State Trojan”, to affect users’ data.