Friday, September 20, 2013

Email Insecurity as Explained by Steve Gibson

If you've visited the Send Files Securely website, then you are already aware that email is not secure (e.g. Are email attachments secure?). Steve Gibson also explained this on Security Now Episode 408 (see video clip below).
As an alternative to sending private files over email, you can use Send Files Securely. All files uploaded will be encrypted and by adding a password you can ensure that only those you authorize can download and view the file.This solves the problems Steve is referring to in this video clip.

Friday, September 13, 2013

A Tale of Two Encrypted Files

There are various ways in which one can encrypt data. Some encryption schemes are better than others. For example, some encryption schemes produce the same result given the same input. Using this type of encryption could prove to be weak as it may allow someone to determine the original contents of the encrypted data based on similarities found in the encrypted results.

Send Files Securely implements an encryption scheme that ensures that every uploaded file will produce a different encrypted result. Even if you upload identical files, the encrypted form of each of these files will be completely different. This is achieved by including random data during the key creation and encryption process. This random data is referred to as a salt and an initialization vector.

Continuing from the example provided in my last blog post, What does an encrypted file look like?, suppose you upload a file containing your account number-

The first time you upload it, the encrypted result may look like the following-

But uploading the exact same file a second time, the result will be completely different-

Send Files Securely implements the latest in cryptographic standards and practices. By using a mode of AES encryption that is guaranteed to produce unique encrypted results, your private data is better protected and safeguarded. Upload and send your files securely today!