Security

Web-based solutions or SFTP, which inherently encrypt only the transport route but not the data themselves, leave security gaps and are therefore often not a viable option in high-security environments.
This is where envoy comes in: files sent via envoy are already encrypted at the sender's end and can only be decrypted by the recipient, and of course this happens absolutely transparently, imperceptibly for the user and in keeping with the highest security standards.

Encryption of user data

envoy uses a combination of symmetric and asymmetric cryptography to offer maximum security. Every package sent via envoy is encrypted symmetrically with AES, using a random and unique 128-bit key. AES is considered computationally secure; for example, it is approved for securing top secret government documents in the US.

Private and public user keys

Asymmetric RSA encryption with 4096-bit user keys in turn secures the symmetric keys, which are provided only to users with the appropriate access rights. A certification chain, likewise secured asymmetrically with 4096-bit RSA, ensures that the rights system and the user system are consistent and tamper-proof.
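A minimal version of the hybrid scheme described in the two sections above, as an added example and not envoy's own code: a fresh random 128-bit AES key for every package, wrapped with the recipient's RSA public key so that only the holder of the matching private key can recover it. The page names no cipher mode or RSA padding, so AES-GCM and RSA-OAEP with SHA-256 are assumed here (both also detect tampering with the package); the Package type and the function names are constructed for illustration.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
)

// Package: a constructed stand-in for one envoy package (payload under a one-off AES-128-GCM key, plus that key wrapped with RSA-OAEP for the recipient).
type Package struct{ Nonce, Ciphertext, WrappedKey []byte }

// newGCM builds an AES-GCM AEAD; a 16-byte key selects AES-128.
func newGCM(key []byte) (cipher.AEAD, error) {
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	return cipher.NewGCM(block)
}

// Seal draws a fresh random 128-bit key for this package, encrypts the payload
// with it, and wraps the key so that only the recipient can recover it.
func Seal(plaintext []byte, recipient *rsa.PublicKey) (*Package, error) {
	buf := make([]byte, 28) // 16-byte AES key followed by a 12-byte GCM nonce
	if _, err := rand.Read(buf); err != nil {
		return nil, err
	}
	key, nonce := buf[:16], buf[16:]
	gcm, err := newGCM(key)
	if err != nil {
		return nil, err
	}
	wrapped, err := rsa.EncryptOAEP(sha256.New(), rand.Reader, recipient, key, nil)
	if err != nil {
		return nil, err
	}
	return &Package{nonce, gcm.Seal(nil, nonce, plaintext, nil), wrapped}, nil
}

// Open unwraps the key with the recipient's private key, then verifies and decrypts; without that private key (e.g. on the server) only ciphertext is visible.
func Open(p *Package, priv *rsa.PrivateKey) ([]byte, error) {
	key, err := rsa.DecryptOAEP(sha256.New(), nil, priv, p.WrappedKey, nil)
	if err != nil {
		return nil, err
	}
	gcm, err := newGCM(key)
	if err != nil {
		return nil, err
	}
	return gcm.Open(nil, p.Nonce, p.Ciphertext, nil)
}
```

Generate the recipient's key pair with rsa.GenerateKey(rand.Reader, 4096); the sender calls Seal with the public key and the recipient calls Open with the private key, while a wrong private key or any modification of the ciphertext makes Open return an error.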

No insecure passwords

The envoy client stores envoy access data locally in an account file. This file should be protected by the operating system's permission system and can additionally be assigned a strong password if required. envoy cannot be accessed without the account file, which also minimises the attack surface. The account file can be saved externally as a backup, or exported to other envoy installations.

What does this mean in real life?

  1. Through the use of native client applications, envoy offers complete end-to-end encryption; no separate encryption is necessary.
  2. The encryption process runs in the background, imperceptibly for the user.
  3. The envoy server only receives and stores strongly encrypted data. This means that your secrets are safe, even from the server administrator or hackers. Only people to whom you have given the necessary access rights in the envoy client can access your data. Nobody else.
  4. The symmetric 128-bit key cryptography performs well even with large files, and the one-off use of each key makes it extremely secure. At the moment, there are no known exploits for AES-128. Current supercomputers would need around 5.4 trillion years (taking into account the ongoing development of computing power) to crack a single package.
  5. The integrated life cycle management ensures that data remain in envoy only as long as they are needed. This minimises the consequences of human error (for example, mistakes in assigning access rights) and further increases security.

Delivery of user keys

Unless explicitly required, envoy does not grant guest access. Users must be created by an administrator and then receive an automated email with further instructions. In a multi-step, email-based process, the user then generates an individual key pair by entering a specific code delivered via email. This process is easy and convenient, and provides an acceptable minimum level of security for the activation process. Since email is inherently insecure, it is hypothetically possible for a third party to intercept all envoy emails and impersonate the person to be activated, thereby fraudulently obtaining an envoy account. This residual risk can be minimised through simple measures, such as a telephone call during user account creation, but it cannot be completely eliminated (after all, the person on the phone could also pretend to be someone else). To achieve maximum security for this process, the user can be provided with a data medium containing a configuration file, for example via courier, Postident or personal pick-up.

Security blocks

  • 4096-bit RSA
  • 128-bit AES
  • certification chain
  • rights system
  • account file
  • Life Cycle Management

Key Length

The European Network of Excellence in Cryptology II publishes a yearly report on current cryptographic methods: www.ecrypt.eu.org