|
Internet has revolutionised the ways in which companies do business. The Internet Protocol (IP) is undeniably efficient, inexpensive and flexible. However, the existing methods used to route IP packets leave them vulnerable to a range of security risks such as spoofing, sniffing and session hijacking, and provide no form of non-repudiation for contractual or monetary transactions. Therefore, companies have demanded a more secure way to conduct business and have more internal control over security. Besides securing the internal environment, organisations need to secure communications between remote offices, business partners and customers.
EnDeSign provides complete encryption of file and folders along with digital signatures. Its features include:
 |
Privacy:
keeps the message confidential and prevents eavesdropping. |
|
Authentication:
digital signatures are used as proof of identity. |
|
Non-Repudiation:
files are digitally signed providing proof of origin. |
|
Integrity:
as files are hashed and signed, integrity is assured |
EnDeSign™ is powered with Advanced Encryption Standard Algorithm (Rijndael) of 128-bit key length (minimum). Symmetric Key Encryption and Signature are carried out using RSA algorithm. The choice for AES algorithm in EnDeSign is because:
-
RC2, RC4 and IDEA are all subject to intellectual property claims.
-
3DES is much less efficient than more modern ciphers.
-
The AES is efficient, and has withstood extensive cryptanalytic efforts. Hence it is a desirable choice.
EnDeSign
Features:
Extremely easy to use; the graphic user interface gives the user the advantage of achieving the functionalities on a mouse-click
-
128-bit length key used for encryption
-
Advanced Encryption Standard algorithm (Rijndael) is implemented
-
Asymmetric key encryption using RSA algorithm (512/1024/2048 key length)
-
File Encryption
-
Folder Encryption, one click encryption of all files in folder
-
Key Encryption
-
File Decryption
-
Folder Decryption
-
Key Decryption
-
Digital Signature on files using X.509 Certificates
-
Verification of Digital Signatures
-
CRL validation of digital certificates
-
Certificate Management including change of private key certificate password
-
No restriction on the file size or format of the file to encrypt/signed
-
Naming Convention for each action performed; the files can be recognized with their prefixes
-
Toolbars with fly-by usage hints
Convenience:
The graphical user interface allows it’s user to point and click for any desired function. The application gives user a convenient way to carry out the
functionalities.
Ease of
Integration:
Whether you choose
to develop any PKI application or to integrate with the existing application, you can request us for the EnDeSign API with all it’s libraries and tools, which you need to develop applications.
What is
Included:
Inside this product you will find series of functionalities like:
Encryption/Decryption:
Encryption provides confidentiality for data.
Additionally, encryption can be used to archive integrity because data cannot be
read generally also cannot be changed in a meaning full manner. Encryption is at
the heart of methods for ensuring all major goals of computer security. It is a
means of maintaining secure data in an insecure environment, and is probably the
most fundamental building block of secure computing.
You might encrypt files on your hard drives
so that loss or thefts of your computer would not compromise your date.
A cipher encrypts or decrypts data. Cipher
comes from two flavours:
Symmetric, or private key,
This cipher uses a single secret key to
encrypt and decrypt data. Symmetric keys can be useful in application like
hard-disk file encryption. The symmetric encryption is faster than asymmetric
encryption.
Asymmetric, or public key,
Ciphers use a pair of keys. One key is public
and may be freely distributed. The other key is private and should be kept
secret. Data encrypted with either key can be decrypted using the other key.
Key
Encryption/Decryption:
The symmetric key generated in encryption
process is again encrypted with the recipient’s public key for secured
transmission of the key. The symmetric key is decrypted at recipient's end with
his private key, which in turn gives the original symmetric key, required for
the decryption of the encrypted file.
Digital
Signature/Verification:
Digital Signature provides security features,
authentication, non-repudiation and integrity. A signature gives you assurance
that a message has not been tampered with and it is originated from a certain
person and that person cannot deny his signature. A signature is a message
digest (hash value) that is encrypted with signer’s private key. Only the
signer’s public key can decrypt the signature, which provides the
authentication and if the private key is not compromised, Non-repudiation is
also assured. If the message digests of the message matches the decrypted
message digest from the signature, then integrity is assured.
Certificate Revocation
List:
A Certificate Revocation List (CRL) denotes a list of
certificates that have been expired for some reason (e.g. the name of the
subject has changed, the private key can no more being treated to be only known
by the subject, etc.) prior to the regular ending of its validity period. A CRL
is maintained by a certification authority (CA) making it publicly available and
refreshing it in certain time intervals. Each revoked certificate included in a
revocation list can be identified by its serial number. The CA signs the
revocation list, and publish to facilitate user.
|
