Use of PKI Technology
ArticSoft products have been designed to provide you with easy-to-use facilities to protect your information.
Underpinning the products are technical mechanisms, encryption and digital signature techniques, that actually deliver that security. These mechanisms are sometimes referred to as part of a Public Key Infrastructure (PKI).
The cryptography used by ArticSoft is already proven through open source techniques. ArticSoft Open PGP products that rely upon the use of Public Key Cryptography (PKI) for their effectiveness are fully tested for interoperation with VeriSign and Microsoft product offerings where these are necessary for the operation of the ArticSoft product(s). ArticSoft have followed the most common certificate formats so as to interoperate seamlessly with the majority of other PKI suppliers' products.
See also Data Security Design Considerations and Passwords vs PKI.
Encryption or confidentiality and privacy methods
ArticSoft products follow the convention of using a symmetric encryption algorithm to make information private, and transferring the key of the encryption algorithm to the recipient using an asymmetric (public key) algorithm. The key that is used to decrypt data and sign information (private key) never leaves the user's PC.
The key used in the symmetric algorithm is generated each time it is required. Generation of random bit strings (random numbers) is carried out in conformance to FIPS (Federal Information Processing Standards, USA) recommendations.
The symmetric algorithm implemented by all ArticSoft products is AES (Advanced Encryption Standard, a.k.a. Rijndael) using a 256 bit key length. The implementation is compliant with the FIPS 197 recommendation. ArticSoft products providing confidentiality and privacy use the RSA algorithm with a key length of 2048-4096 bits for transferring the key of the symmetric algorithm. Where a user provides their own keys the algorithm and key length used are taken from the certificate holding their public key.
See also ArticSoft use of AES encryption.
Signing and signature forming mechanisms
The encryption algorithm used to form a digital signature by the ArticSoft products is RSA (after Rivest, Shamir and Adleman, its inventors). If a user requests that a key pair is generated automatically by an ArticSoft product, the key length for the algorithm can be set to 2048-4096 bits. Where a user already has an RSA key pair generated and instructs an ArticSoft product to use that key pair, the key length is defined by the certificate wrapping the public key (PKCS#12 format) and will be used accordingly. No specific advice is offered on the selection of key lengths, although it is generally considered that a longer key length makes it harder for an attacker to forge the signature. Generally it is thought that a key length of 512 bits should not be selected.
A digital signature is formed by encrypting a message digest or hash of the content to be signed. The technique used by ArticSoft is SHA-1 (Secure Hash Algorithm) in conformance to the specification published by NIST (National Institute of Standards and Technology, USA).
The hash length used in current implementations is 160 bits, but ArticSoft are monitoring the standards being proposed by NIST for implementations of this algorithm with hash lengths of 256, 384 and 512 bits.
See also the use of digital signatures in ArticSoft PGP compatible products.
Signature verification mechanisms
The list of Trusted Authorities provided by ArticSoft at the time the first ArticSoft product is loaded by the user consists of the known valid certificates from the lists published with either the Netscape or Microsoft browser, together with a limited number of sources that are generally understood to be Authorities that have been publicly listed on Internet reference sites. ArticSoft does not make any warranty for the accuracy or correctness of this information and the user is responsible for satisfying themselves about the validity of such information. ArticSoft will update the list of Authorities from time to time and make available such lists from its website, on a best efforts basis.
Users are free to add or delete Trusted Authorities at any time, but ArticSoft does not take any responsibility for information deleted in error or provide mechanisms for un-deleting list entries. ArticSoft recommend that users maintain regular backups of their keystore (which includes the Authority list) in case an Authority is deleted in error.
When a user adds an Authority to the list, the relevant ArticSoft product will carry out a mathematical check on the certificate signature and will not add the new Authority if this fails. If a certificate chain is present that points back to an Authority already in the Authority list, a mathematical check will be carried out on the chain back to the listed Authority. Again, if the mathematical test fails the new Authority will not be added. No other checks will be carried out. When a user adds a new Authority they must satisfy themselves as to the authenticity of the new Authority.
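The Authority-adding rule above can be modelled as follows; this is an added example, not ArticSoft code. It assumes simplified dictionary records instead of X.509 certificates, textbook RSA without padding, and constructed toy keys built from small Mersenne primes; all function and Authority names are hypothetical.

```python
import hashlib

E = 65537
M61, M89, M107, M127 = (2**k - 1 for k in (61, 89, 107, 127))  # Mersenne primes

def make_key(p, q):
    """Textbook RSA key from two primes: constructed and far too small for real use."""
    return {"n": p * q, "e": E, "d": pow(E, -1, (p - 1) * (q - 1))}

def digest_int(data):
    return int.from_bytes(hashlib.sha1(data).digest(), "big")  # SHA-1, as the page states

def tbs(cert):
    """Bytes the signature covers: subject, issuer and the subject's public key."""
    return "|".join(str(cert[f]) for f in ("subject", "issuer", "n", "e")).encode()

def issue(subject, subject_key, issuer, issuer_key):
    cert = {"subject": subject, "issuer": issuer, "n": subject_key["n"], "e": E}
    cert["sig"] = pow(digest_int(tbs(cert)), issuer_key["d"], issuer_key["n"])
    return cert

def signature_ok(cert, issuer_cert):
    """The mathematical check: the issuer's public key must recover the digest."""
    return pow(cert["sig"], issuer_cert["e"], issuer_cert["n"]) == digest_int(tbs(cert))

def try_add_authority(chain, trusted):
    """chain[0] is the new Authority; further entries are its issuers, in order."""
    for i, cert in enumerate(chain):
        listed = trusted.get(cert["issuer"])
        following = chain[i + 1] if i + 1 < len(chain) else cert  # else: self-signed
        issuer_cert = listed or following
        if issuer_cert["subject"] != cert["issuer"] or not signature_ok(cert, issuer_cert):
            return False
        if listed:
            break
    trusted[chain[0]["subject"]] = chain[0]
    return True

ROOT, DEPT, OTHER = make_key(M127, M89), make_key(M107, M61), make_key(M127, M107)

def demo():
    root = issue("Root CA", ROOT, "Root CA", ROOT)
    trusted = {"Root CA": root}
    chained = try_add_authority([issue("Dept CA", DEPT, "Root CA", ROOT)], trusted)
    altered = dict(issue("Team CA", OTHER, "Root CA", ROOT), n=OTHER["n"] + 2)
    rejected = not try_add_authority([altered], trusted)
    # A self-signed newcomer passes the arithmetic too: authenticity is the user's call.
    self_signed = try_add_authority([issue("Unlisted CA", OTHER, "Unlisted CA", OTHER)], trusted)
    return chained, rejected, self_signed, sorted(trusted)
```

The last case in `demo()` is the reason the user must verify a new Authority out of band: a consistent signature says nothing about who created the certificate.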
Protection of your keys
ArticSoft products store your keys in a secure container called the keystore. The keystore is password protected using password based encryption (PBE). Your password along with a random number (the salt) and a number of rounds is used to form a secret key. The password is not stored anywhere on your disk. The use of a salt as an additional input can thwart dictionary attacks or pre-computation attacks.
Normally, an attacker can easily pre-compute the digests of thousands of possible passwords and create a "dictionary" of likely keys. By digesting the password with a salt, the attacker's dictionary is rendered useless.
Further, because a number of additional rounds are used, knowledge of the algorithm in use does not help the attacker break the system. The salt chosen for each keystore is random, so it is highly unlikely that the same salt will be used for the next encryption process; this limits the attacker further, since no amount of observing one keystore will help attack another one.
Your keystore is therefore very safe when stored on your disk as it can't be easily attacked. Using a longer password to protect the keystore also makes an attack more difficult.
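The salt-and-rounds derivation described in this section, as an added example that is not ArticSoft code. The page does not name the key-derivation function, so PBKDF2-HMAC-SHA256 from Python's standard library stands in for it; the salt size, round count, key-check tag and word list are assumptions constructed for illustration.

```python
import hashlib
import hmac
import os
import time

# Assumed parameters: the page gives no KDF, salt size or round count for the keystore.
SALT_BYTES, ROUNDS, KEY_BYTES = 16, 200_000, 32
WORDLIST = ["letmein", "password1", "Summer2024"]  # constructed sample guesses

def derive_key(password, salt, rounds=ROUNDS):
    """Password + salt + rounds -> secret key; the password is never written to disk."""
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, rounds, KEY_BYTES)

def check_value(key):
    """Hypothetical key-check tag kept in the header so a wrong password is detected."""
    return hmac.new(key, b"keystore-check", hashlib.sha256).digest()

def new_header(password, rounds=ROUNDS):
    salt = os.urandom(SALT_BYTES)  # fresh random salt for every keystore
    key = derive_key(password, salt, rounds)
    return {"salt": salt, "rounds": rounds, "check": check_value(key)}

def unlock(header, password):
    key = derive_key(password, header["salt"], header["rounds"])
    return hmac.compare_digest(check_value(key), header["check"])

def precomputed_keys(words):
    """A dictionary of candidate keys computed once, before any salt is known."""
    return {hashlib.sha256(w.encode()).digest(): w for w in words}

def table_matches(header, table):
    """Words whose precomputed key opens this keystore (none, once a salt is mixed in)."""
    return [w for key, w in table.items()
            if hmac.compare_digest(check_value(key), header["check"])]

def seconds_per_guess(rounds):
    """Cost of testing a single candidate password at the given round count."""
    start = time.perf_counter()
    derive_key("guess", bytes(SALT_BYTES), rounds)
    return time.perf_counter() - start
```

The salt removes the benefit of precomputation, but each guess against one keystore still costs only one derivation, which is why the round count and the password length both matter.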