Encryption Without Compromise

Encryption that’s supposed to safeguard our information is often used in ways that defeat its purpose.


In the world of computer security, encryption is the fundamental technology used to keep information safe.  If information is unintelligible, it can’t be understood – unless one has the decryption key.  This last phrase is important.  Without an understanding of who has access to decryption keys, as well as where information is decrypted, encryption’s benefits can be limited.


Let’s start with a review of how most popular cloud-based services use encryption.  Examples include Gmail and Google Drive, Microsoft Office 365 and OneDrive, Dropbox, and others.  In all these cases a secure tunnel is set up between the client device (PC or mobile) and the server.  The secure tunnel uses encryption during the transmission of information between the device and the server.  It’s called “encryption in motion,” and it means that an eavesdropper on the Internet cannot see the underlying data communicated between client and server.  However, both the user and the provider of the service have access to the decryption keys. Once the data gets to the server, it’s decrypted so that the server can deliver whatever services it’s supposed to offer.  These services can include storing or displaying documents, searching for information, and placing advertising.


The issue is that one has to trust the server to keep the user’s data private.  A lot of money has been spent essentially building technological walls around data centers and cloud, but breaches still occur.  If attackers can get into the server, they can see users’ raw, unencrypted data.  More broadly, anytime a cloud service can decrypt a user’s data, that data will be compromised when the servers are inevitably breached. That’s a problem.


The server is not really worthy of the trust placed in it because an adversary – which could be external or internal (e.g. a rogue employee) – can get to all data if they can get access to the server.


Some services try to limit their window of vulnerability by only decrypting when the server is working on the data.  The rest of the time, data is encrypted while it’s being stored.  The industry refers to this as “encryption at rest.”  The thinking goes as follows – given that most users’ data is at rest most of the time, i.e. the server is only operating on a very small subset at any given time – the severity of any attack can be minimized.  The fallacy of this logic becomes obvious by asking the simple question, “who has the key?”


For most cloud-based services, encryption keys are kept in the cloud along with all other data from all users.  So the benefits of encryption at rest are minimal at best.  An attacker that can get access to the server can also get access to all the encryption keys and therefore access to all user data.


Too many encryption schemes are ultimately compromised by ease of use.  Cloud servers keep the keys to encrypted data because keeping these keys somewhere else might mean that users would have to know about keys, where they’re stored, and how they’re managed.  All this can make services unusable for most people.


PreVeil is different.  It’s end-to-end encryption without compromise. PreVeil’s cloud-based services assume that its servers can be breached and cannot be trusted.


PreVeil servers never see unencrypted data.  End-to-end encryption means that any information leaving a user’s device is encrypted in transit, at rest, and also “in-use.”  Any services the cloud provides are performed on encrypted data only; it’s not possible for the server to see unencrypted data.


Who has the keys?  The server doesn’t.  Or, more specifically, the server can’t see the keys.  The server only stores encrypted keys on behalf of the user, so the user doesn’t have to deal with the complexity of key management.  The PreVeil system uses a complex set of keys for all kinds of operations, but the keys to decryption are never visible to the server.  The keys that ultimately provide access to data are based on users’ “private keys,” and these private keys are stored only on users’ devices — the final places where information is decrypted for the user.
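To make the “who has the key?” contrast concrete, here is an added example (not PreVeil’s code) that models both designs: encryption at rest with the key kept next to the data, and end-to-end encryption where the server stores only a document key wrapped under a device-held private key. The cipher inside is a toy HMAC-based construction assumed for illustration only, so that the example runs with the Python standard library.

```python
import hashlib, hmac, secrets

# Illustrative cipher (HMAC-SHA256 keystream + HMAC tag) for this example only;
# a real deployment would use a vetted AEAD such as AES-GCM.
def _subkey(key: bytes, label: bytes) -> bytes:
    return hmac.new(key, label, hashlib.sha256).digest()

def _xor_keystream(key: bytes, nonce: bytes, data: bytes) -> bytes:
    out = bytearray()
    for off in range(0, len(data), 32):
        block = hmac.new(key, nonce + off.to_bytes(8, "big"), hashlib.sha256).digest()
        out.extend(b ^ k for b, k in zip(data[off:off + 32], block))
    return bytes(out)

def encrypt(key: bytes, plaintext: bytes) -> bytes:
    nonce = secrets.token_bytes(16)
    ct = _xor_keystream(_subkey(key, b"enc"), nonce, plaintext)
    tag = hmac.new(_subkey(key, b"mac"), nonce + ct, hashlib.sha256).digest()
    return nonce + ct + tag

def decrypt(key: bytes, blob: bytes) -> bytes:
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    expect = hmac.new(_subkey(key, b"mac"), nonce + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expect):
        raise ValueError("wrong key or tampered data")
    return _xor_keystream(_subkey(key, b"enc"), nonce, ct)

# Model 1: "encryption at rest" with the key kept in the cloud beside the data.
def breach_at_rest(document: bytes) -> bytes:
    server = {"key": secrets.token_bytes(32)}
    server["doc"] = encrypt(server["key"], document)
    return decrypt(server["key"], server["doc"])  # breach yields key too: exposed

# Model 2: end-to-end. The device private key never leaves the device; the server
# holds the document key only wrapped (encrypted) under that private key.
def e2e_upload(document: bytes):
    device_private = secrets.token_bytes(32)  # stays on the device
    doc_key = secrets.token_bytes(32)
    server = {"doc": encrypt(doc_key, document),
              "wrapped_key": encrypt(device_private, doc_key)}
    return device_private, server

def e2e_read(device_private: bytes, server: dict) -> bytes:
    doc_key = decrypt(device_private, server["wrapped_key"])  # unwrap on device
    return decrypt(doc_key, server["doc"])

def breach_end_to_end(server: dict):
    # Attacker holds ciphertext and a wrapped key, not the device key: a guess fails.
    try: return decrypt(secrets.token_bytes(32), server["wrapped_key"])
    except ValueError: return None
```

In the second model a breached server hands over ciphertext and an encrypted key blob, which is exactly what the article means by the server storing keys it cannot see.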


That’s why we say that PreVeil offers end-to-end encryption without compromises.  End-to-end encryption means that the server never has access to decrypted data.  No compromises means that the decryption keys are never visible to the server. All of which protects users’ information even when the server is breached.