We have done everything that outsiders never see the contents of your encrypted files and at the same time the work with them was easy and convenient.
It uses standard and safe cryptographic algorithms to encrypt files. (AES or DSTU GOST 28147: 2009 with a key length of 256 bits).
It uses the cryptographic public key systems to secure exchange of key information with others users*. (RSA with a key length - 1024-2048 bit or DSTU 4145-2002 - standardized algorithm in Ukraine based on the elliptic curves with a key length - 163-509 bits).
It is available free cloud service which is integrated into the program to exchange public keys between users.
We recommend the use special hardware devices - tokens to store the secret keys (including for devices based on Android). It is available and less secure software key store. Secret information is stored in encrypted form and key for its encryption is generated using a password which comes up with the user.
*Cryptographic systems with the public key are based on the following principles:
— each user has two interconnected key (the key pair): private (secret) and open;
— the private key has only the owner and only this key can decrypt files intended for the owner of the key;
— the public key used to encrypt the files that are intended for the owner of the private key connected with the public key;
— the public key is available to all. Knowing the public key it is impossible to calculate the private key (and thus decrypt files);
— to work with encrypted files, the user generates a key pair and exchange with other users of public keys (public key certificates) any available means (by e-mail, using an external token or use a cloud service provided by the program);
— to store the private key, the user can use a secure storage software or additional hardware device;
— software repository stores the key information in an encrypted form in the memory of computer, mobile phone or tablet;
— hardware devices (tokens) based on smart cards provide maximum protection as the private key never leaves the hardware device, and it is not possible to receive it.