PreVeil encrypts all user data end to end, which means that the information is encrypted and decrypted only on a user’s client device. The information stored on the cloud server is always encrypted; the server can never see plaintext data. In the PreVeil system, each document or message is encrypted with its own unique key, using the XSalsa20 stream cipher. Even file names and email subjects are encrypted. The decryption keys are never visible to the server, unlike other systems where the server has access to decryption keys in order to manipulate or display user data. PreVeil’s cloud servers are designed to protect user information even when they’re under attack because they can never see unencrypted data nor access decryption keys.
Taller IT Walls Aren't Working
Much of the state of the art in information security has been focused on building better and taller walls around enterprise IT systems. The security of the IT fortress becomes even more critical as more data moves to the cloud and as cloud service providers aggregate data from many organizations in one place. The problem is that these walls are limited in their effectiveness, and daily news stories of breaches only underscore their fragility. If a cloud service operates on plaintext user data, it’s vulnerable to attack.
Perhaps the problem should be reformulated: how can user data be protected even when the cloud is breached? The PreVeil system is designed to do just that.
With PreVeil, you're protected, even if the cloud is breached.
Here's how it works:
Advanced Key Management
The PreVeil key management system is designed to allow users to communicate and share encrypted data across multiple devices while hiding the complexities of keys from users. Each user is assigned a public/private key pair using Curve25519-based cryptography. The user’s public key is stored on the server and is accessible to other users, and the private key is stored only on the user’s device.
When a document or message is created, it is encrypted using a unique symmetric key.
This document key is then wrapped (encrypted) with the public key of each user that has access to the document. So if Alice and Bob both have access to document D, the key that encrypts D is encrypted itself using Alice’s public key and again using Bob’s public key. These two encrypted keys can now be safely stored on the server along with the encrypted document. When Alice needs to access the document, the system retrieves the encrypted document as well as the encrypted key (i.e. the document key that was encrypted with Alice’s public key). The PreVeil software on Alice’s device then uses her private key to unwrap (decrypt) the document key. And now the document key is used to decrypt the document itself. The creator of the document also digitally signs the document key so anyone else accessing the document can be assured they’re dealing with an authentic document (as opposed to an attacker who may be trying to claim they’re the author of the document).
All of this key management and distribution is completely transparent to the user and happens automatically.
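The wrap, unwrap and sign flow described above can be sketched with Node's built-in crypto module. This is an added example, not PreVeil's code: the function names, the ephemeral-key wrapping construction, the HKDF label and the use of Ed25519 for the signature are assumptions, and ChaCha20-Poly1305 stands in for XSalsa20, which Node's crypto does not provide.

```javascript
const crypto = require('crypto');

// AEAD helpers. Assumption: ChaCha20-Poly1305 replaces XSalsa20 here.
function seal(key, plaintext) {
  const nonce = crypto.randomBytes(12);
  const c = crypto.createCipheriv('chacha20-poly1305', key, nonce, { authTagLength: 16 });
  const ct = Buffer.concat([c.update(plaintext), c.final()]);
  return { nonce, ct, tag: c.getAuthTag() };
}
function open(key, { nonce, ct, tag }) {
  const d = crypto.createDecipheriv('chacha20-poly1305', key, nonce, { authTagLength: 16 });
  d.setAuthTag(tag);
  return Buffer.concat([d.update(ct), d.final()]); // final() throws on a wrong key or tampering
}

// Key-encryption key derived from an X25519 agreement (hypothetical HKDF label).
function kek(privateKey, publicKey) {
  const shared = crypto.diffieHellman({ privateKey, publicKey });
  return Buffer.from(crypto.hkdfSync('sha256', shared, Buffer.alloc(0), 'doc-key-wrap', 32));
}

// Wrap the document key to one reader's public key using a fresh ephemeral key pair.
function wrapFor(recipientPub, docKey) {
  const eph = crypto.generateKeyPairSync('x25519');
  return { ephPub: eph.publicKey, box: seal(kek(eph.privateKey, recipientPub), docKey) };
}
function unwrap(recipientPriv, wrapped) {
  return open(kek(recipientPriv, wrapped.ephPub), wrapped.box);
}

// What the server stores: ciphertext, one wrapped key per reader, author's signature.
function shareDocument(plaintext, authorSignKey, readers) {
  const docKey = crypto.randomBytes(32); // unique symmetric key per document
  const wrappedKeys = {};
  for (const [name, pub] of Object.entries(readers)) wrappedKeys[name] = wrapFor(pub, docKey);
  return { doc: seal(docKey, plaintext), wrappedKeys, sig: crypto.sign(null, docKey, authorSignKey) };
}

// Reader side: unwrap the document key, check the author's signature, then decrypt.
function readDocument(stored, name, readerPriv, authorVerifyKey) {
  const docKey = unwrap(readerPriv, stored.wrappedKeys[name]);
  if (!crypto.verify(null, docKey, authorVerifyKey, stored.sig)) throw new Error('bad author signature');
  return open(docKey, stored.doc);
}
```

Everything returned by `shareDocument` is safe to hand to the server: without Alice's or Bob's private key, neither the document key nor the plaintext can be recovered from it.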
Distributed Trust & Approval Groups
Hijacked or rogue administrators represent a significant threat to corporate security because they have broad privileges to access an enterprise’s information. A single compromised administrator can bring down an entire organization.
PreVeil’s Approval Groups™ distribute trust among a set of administrators so that no single person can compromise the entire enterprise. Privileged activities are enabled only after receiving cryptographic authorization from a pre-determined set of administrators. This way, if an end user loses all of their devices, with Approval Groups they can restore their account and access all their data on a new device.
The process of Approval Groups is similar to the manner in which nuclear launch codes are implemented. When an Approval Group is set, the designated users’ keys are cryptographically fragmented using a well-established cryptographic technique called Shamir Secret Sharing. Individual key fragments are encrypted using the public keys of Approval Group members. The resulting encrypted fragments are stored on PreVeil’s servers. However, the keys to decrypt the fragments are never stored centrally.
Ease of Use
The PreVeil system is designed from the ground up to be easy to use, with a focus on a clean, simple user interface that hides complexity. It’s designed to integrate with existing applications and ways users like to work. For example, shared documents can be manipulated through the system’s native file manager – the Finder in Macintosh and File Explorer in Windows. PreVeil can also integrate with existing mail clients, like Mail on Macintosh and Microsoft Outlook on Windows. Consider Outlook as an example. Outlook was designed to connect to a Microsoft Exchange server as well as Internet email accounts using the IMAP and SMTP protocols. When a user installs PreVeil on a Windows computer, she is given the option of installing PreVeil in Outlook. When she does, PreVeil installs a special email account (with the same email address that the user already has) that’s used for secure communication. The account is set up to use IMAP/SMTP. PreVeil installs IMAP and SMTP proxies that are locally hosted on the user’s machine. All Outlook mail traffic to and from the PreVeil account goes to these PreVeil local proxies, which decrypt/encrypt messages and store them on the PreVeil server.
No Additional Passwords
Password proliferation is a big problem for two reasons – ease of use and security. Users hate having lots of passwords because of the difficulty in remembering and managing them. They often choose easy-to-guess passwords or store their password lists in an insecure place. From a security standpoint, password proliferation means less protection, not more. Passwords are also a major security risk for cloud service providers because password storage locations become prime targets that are inevitably breached; hundreds of millions of LinkedIn and Yahoo passwords have been stolen by hackers who breached their “secure” servers. In the PreVeil system, users are not required to create or remember any password. Instead, the system relies on strong cryptographic keys for user access. These keys are the private keys described above and are automatically created, managed and stored on the client device and available only to the user. PreVeil has no access to them. A user’s private key functions as a password except, unlike conventional passwords, it is equivalent to a number with dozens of digits. When users create a PreVeil account on additional devices, care is taken to transfer this private key to the new device using the secure Diffie-Hellman key transfer algorithm. Finally, any email or document encryption key stored on PreVeil servers is always encrypted (wrapped) under the user’s public key instead of a guessable password. Neither a hacker nor PreVeil can access it. With current computing power, it will take decades of computation to guess a key.