My account
0
0,00  0 items

No products in the cart.

Your military-grade safe

Our digital safe relies on a physical media encryption system, with 2 encryption keys stored in different physical locations and coupled, upon opening, with a second random code authentication system. Let's just say we're a bit paranoid! That way, we're paranoid for you, relieving you of this burden.

To understand our strategy, let's use the analogy of a real safe theft. A thief has 2 possible strategies:

  • Either he manages to open the safe during the burglary and leaves with the contents.
  • Or, the safe's security system is too complex, requiring too much time and means to open it on the spot, so he prefers in this case to detach it from its support and take the safe itself. He will open it later with the time and means needed in the comfort of his own place.

So, one must protect against these two issues: safe theft and its opening. The protection strategy in the digital realm should not deviate from this fundamental rule.

In computer science, in a file system, there are three possibilities for encryption:

  • The physical level of storage,
  • The logical level of storage (logical partition),
  • Then the file system (folders/files).

Encrypting at the file system level is like having a safe simply placed without fastening.

Encrypting at the logical level is like having a safe fixed to a partition.

Encrypting at the physical level is like having a safe securely anchored in a special room in the foundations of your house, with concrete poured all around it. Let's just say you need a bulldozer to remove it.

That's why, despite the technical complexity, our paranoia drives us to encrypt at the physical level to make it harder for the safe to be stolen.

Now, for the safe's opening itself.

In the physical world, you either need:

  • A good blowtorch,
  • To have spied on and stolen the safe's code from its owner.

In computer science, to decrypt something, you need either:

  • An ultra-powerful computer that can test all possible combinations,
  • To have successfully stolen the encryption key from its owner.

When selling you an IT security system, the level of encryption key is most often emphasized: 128 bits, 256 bits, ...

We won't deviate from the rule; we use the AES algorithm based on a 256-bit key. But this only corresponds to the thickness of the shielding. However, it's smoke and mirrors because the major vulnerability is elsewhere. No hacker chooses this option because there is no "IT blowtorch" capable of breaking even a 128-bit key.

In fact, cryptanalysis research has shown that the AES algorithm was not invulnerable as previously thought, but everything is relative because the conclusion is:

"With a trillion machines, each capable of testing a billion keys per second, it would take more than two billion years to recover a 128-bit AES key"

In other words, even with future quantum computers, which only states will be able to afford, your stolen digital safe will be difficult to crack in your lifetime.

As I mentioned earlier, the vulnerability lies elsewhere.

Indeed, we don't ask you to memorize a 128-bit key because no one could. It's stored somewhere and protected by a "passphrase." That's where all hackers will try to gain access. They will try to steal your key along with your associated "passphrase," or just your key and try to crack your "passphrase" with an IT blowtorch smaller than the key itself.

This is where the military level comes in. We drew inspiration from the protection of the nuclear deterrent system. Yes, we are a bit crazy!

In Russia, for example, it takes 3 men to "turn the key" at the same time. Well, we are inspired by this strategy of multiple individuals.

Our method is that your "passphrase" is randomly generated, then divided and associated with a rolling code. The divided parts are stored in different digital vaults.

It is therefore necessary to hack several other vaults before yours. Then, to know how to reassociate the pieces of passphrase that go together to finally attempt to use them on your vault, which must be stolen beforehand, with the ongoing issue of the rolling code that limits the time of action.

We have encapsulated everything in an algorithm of our own, adding other protections that we will keep quiet about here.

In the end, you have a double benefit with our system: maximum security while eliminating the need for you to manage a passphrase yourself. Not to mention that it's "click and go" for you, no geeky stuff to handle.