Mailfence Reclaim your email privacy A SECURE AND PRIVATE EMAIL Mohammad Salman Nadeem Information security analyst – Mailfence 31 March 2017
Why did email encryption never take off? • Why email data needs to be protected? • Email encryption was not always secure! • What is the solution then? - End-to-end encryption! • “True” End -to-end encryption is complicated – it should be made easy-to-use Secure and private email
EMAIL ENCRYPTION SHOULD BE MADE EASY • Easy & secure access on all devices WEB BASED • Key generation, export, modify and delete their key pair PRIVATE KEY • Generate revocation certificates or perform direct revocation • Import their existing key via file or in-line text MANAGEMENT • Manage multiple keypairs • Seamless integration of key servers in our interface. PUBLIC KEY SERVER • Users can publish, search, import, update their public keys • Update public key validation status INTEGRATION • Integrated key-store unique to every account INTEGRATED ACCOUNT • For key-generation / import & advance key management • Supports multiple personal keypair management KEYSTORE • Completely independent from any third-party plugin/app Secure and private email
EMAIL ENCRYPTION SHOULD BE SECURE • Based on OpenPGP standard RFC-4880 • Supports both inline and PGP/MIME formats USE OF STANDARDS • Completely inter-operable with any other OpenPGP compliant solution • All crypto operations happen on the client side (browser) TRUE END-TO-END • Key-generation 4096bit RSA gets generated on the browser, THEN encrypted with the user’s passphrase and THEN stored on the server ENCRYPTION • Server holds a ZERO KNOWLEDGE framework for user keypairs SUPPORT DIGITAL • Sign, Sign + encrypt • Easy to understand signature validation results SIGNATURES USER-FRIENDLY • Crystal interface, which is easy-to-use • Operation flow is as simplified as any other email INERFACE Secure and private email
EMAIL ENCRYPTION: EMAIL AND MUCH MORE! • Calendars: • Groups: Shared calendar, meetings, polls. Manage groups to share data. • Documents: • Contacts: Create, edit, share documents. Create, manage and share contacts. Secure and private email
A UNIQUE ENCRYPTED AND PRIVATE EMAIL • E2EE: • Digital Signatures: • User friendly without Send & receive encrypted Send & receive plugins or applets emails (OpenPGP based). digitally signed emails All is done through the The private key is encrypted (inline & PGP/MIME). browser with passphrase (AES-256) Secure and private email
WITH INTEGRATED KEY-SERVER • Key Management: • Key-server integration Generate, Import/Export, Modify, Queries, Publication, Revocation. Revoke, Delete… your key -pair. Secure and private email
EMAIL ENCRYPTION: USER SHOULD BE FREE • Users get full control over their OpenPGP keys CONTROL OVER YOUR • No restrictions/or hidden blockages KEYS • Users can export their encrypted keypair and other public keys FULL REVERSIBILITY • Users can export their encrypted messages data • Users can send plain text to any other email address • Users can send encrypted emails other email addresses (OpenPGP NO DIGITAL ISLAND interoperability) • Supports encryption/decryption and signing/signature validation of attachments Secure and private email
WITH AN ENTERPRISE OFFERING • Personalised version: • Administration tools: Customised solution to fit specific needs. Web administration, Owl database Look & feel adaptation operations, … Specific subscriptions • API: • Dedicated hosting: Provisioning, group management, Both private or public cloud offering tool integration • Secure authentication: Ldap integration, 2FA, SSO, SAML Secure and private email
CONTACT US — Mailfence.com Blog.mailfence.com support@maifence.com Secure and private email
Recommend
More recommend