Encryption
The encryption process takes place through the use of algorithms, complex
mathematical functions that are applied to the message and make it
unreadable without the decryption key.
The encryption and decryption process can be described as follows:
Mail1Click uses open-source encrypted algorithms, universally known as actually being inviolable: TLS, RSA and AES. Within the context of a single communication, various levels of encryption are used with different algorithms and keys one within the other.
Transport Layer Security (TLS)>
Transport Layer Security (TLS) is a protocol that ensures privacy
between communicating applications and their users on the Internet. When a server and
a client communicate, TLS ensures that no third party may eavesdrop or tamper with any message. TLS is
the successor to the Secure Sockets Layer (SSL). More details:
Wikipedia: http://en.wikipedia.org/wiki/Transport_Layer_Security
Ietf: http://tools.ietf.org/html/rfc5246
RSA Asymmetric algorithm
The RSA cipher represented a real turning point for practical
applications with high quality, guaranteed security and reliability.
The words "strong encryption" were used exactly with the availability of the RSA
algorithm.
Following are the main features of the algorithm:
- secrecy and privacy: the content of the information and communication must be ONLY accessible to the sender and the recipient of the information
- integrity: the content must not be altered during the exchange phase, therefor it must stay in its original form
- authentication: this aspect is very important because RSA guarantees the origin of the sent information, only the sender with his own private key is able to encrypt the message therefor transform the message into an unreadable form consequently the receiver will have confirmation of the origin because he will be able to decrypt the message only through the corresponding public key
- non repudiation: the sender cannot state that the message has not been encrypted with his private key because the private key used for the encryption is unique and it's the owner's responsibility to make sure that it is not used by non authorized third parties
To this day the RSA together with the AES algorithm is the most used algorithm in commercial systems.
It is used:
- -to protect web traffic, in the SSL protocol (Security Socket Layer),
- -to guarantee email privacy and authenticity in PGP (Pretty Good Privacy),
- -to guarantee remote connection in SSH (Secure Shell),
- -Furthermore it plays an important role in the modern payment systems,
- -through SET protocol (Secure Electronic Transaction),
The RSA has it's advantages of being a reliable and safe system but it also has the disadvantage of being very slow in data calculating. For this reason it is used in hybrid cryptographic systems that simultaneously use symmetric algorithms (AES) for the communication and data encryption phase and public key algorithms (RSA) for the safe delivery of the symmetric key (or session key) that is necessary for encrypting and decrypting the message.
Wikipedia:http://en.wikipedia.org/wiki/RSA_(algorithm)
AES (Advanced Encryption Standard)
AES (Advanced Encryption Standard) is a block of cipher algorithms. Currently,
Mail1click uses it to encrypt servers hard disks with a 256-bit key. This algorithm has been chosen because of its very high
security levels and performance, combined with rapidity of calculation.
Wikipedia:http://en.wikipedia.org/wiki/Advanced_Encryption_Standard