Encryption: lock the barn door before the horse is stolen

While security breaches are regularly making the news, the attention of users and companies is driven to encryption. Encryption protects access, data and interactions by transforming information to make it unreadable for third parties. But there is no such thing as universal encryption and there are multiple types of it used for online communication. The two core aspects about encryption are the spans of the network when the data is encrypted and the access to the keys. We’ll speak about them today.

The essential thing about using encryption for online conversations is to protect the data both when transmitted and when stored. Some services provide protection only while transferring the data, but the data on the servers is accessible for the company members.

VIPole has developed a different approach. End-to-end encryption in VIPole protects your data at all stages of transfer and storage. The files are stored encrypted both on the server and on the devices of VIPole users. We minimized the presence of the man in the system and there is no one in between who could monitor your activity.

Time to choose privacy

We believe that encryption protects our privacy and anonymity. The internet already knows too much about all of us, it is high time to move to the safe space. It does not matter, whether you need to discuss something vitally important or just to chit chat, when all your data is encrypted, your most secret conversations won’t be marked as special, they will be just as secure as all the others. When communicating in VIPole, you can be sure that no one can intercept or steal your data. Keep your data encrypted if you don’t want your financial affairs or other private items made public. Even if your computer or phone is hacked, all the data will remain secure, encrypted by VIPole.

Key management and why it is important

According to IBM’s “2014 Cyber Security Intelligence Index”, 95 % of all security incidents involve human error. VIPole removes the human factor from the list of possible risks. The software architecture of VIPole is designed in a way to provide the access to the user data to the user himself only. VIPole employees don’t have the technological opportunity to get the personal data of our customers.

Encryption key management is the distinguishing feature of VIPole. The data is encrypted with the public key and decrypted with the private key. The private key is known only to the owner and stored in a special file that is encrypted with a secret phrase created by the key owner. Only the user with the secret phrase for the private key can decrypt the data. The secret phrase is not stored anywhere. On the one hand, it protects the data, on the other — it cannot be recovered in case you forget it. Make sure you remember it as well as you remember your name.

Why the stages of encryption matter

In many other popular online services, only the connection between the client application and the server is secured. Encryption is not an issue, and access to the server means access the user data as well — it can be read and it can be passed to third parties, including the malevolent people and the legal authorities.

VIPole provides data security with a technological approach, therefore the human factor is minimized. VIPole managers do not have access to the private information of the users, because all data is transmitted and stored encrypted, and only the users own the keys. The secret phrase created by users to protect the keys is not stored or transferred to VIPole servers.

Technology in details

In this section, we describe the algorithms that protect the privacy of your conversations in VIPole. End-to-end encryption hides your messages, your transmitted voice and video and your files while they are both transmitted and stored.

• The messages and the files that you send are encrypted on your device, and only the recipient has the key to decrypt them.
• The encryption process is complex and involves both symmetric and asymmetric algorithms. The original message is encrypted with a symmetric algorithm (AES-256), Advanced Encryption Standard, using a session key. The session key is then encrypted with an asymmetric algorithm (RSA) of the public key of the sender and the recipients. Only the sender and the recipients can decrypt the session key with their private key, and then they decrypt the message.
• Your messages and files are transmitted and stored on the server in the encrypted form. On the VIPole server and on the user devices each file is divided into smaller parts, each of which is encrypted with a symmetric algorithm using a session key. Only the users who possess the private key can decrypt them.
• Voice and video in VIPole are transferred through a secure network channel that is specially established prior to the beginning of a call.

Thus, VIPole protects your data from interceptions and leaks. Neither third parties, nor VIPole itself can get access to the data, as only the users possess the keys. There is no use in trying to decrypt them, even the supercomputers would fail.

Let’s encrypt!

Most of us won’t shut the barn door till after the horse has bolted, and the recent hacks of both a multimillion online dating service and a governmental employee database prove, that protecting private data online is necessary for everyone. Would you like to become a next prey of hackers who want to make a political statement or just to get access to your bank account? Protect yourself from this misfortune and communicate securely in VIPole.

VIPole offers end-to-end encrypted messaging and collaboration solutions for teams and enterprises dealing with commercially or personally sensitive information, and individuals wishing to protect themselves from hackers, identity thieves and malware. More at www.vipole.com