Top-Grade Encryption is Your Key to a Private and Secure Online Experience3 min read
Who owns your data? The common sense answer is obvious. However, it isn’t always true. Almost any concerned third party can search, access, and even take advantage of your digital information. Only top-grade encryption can remedy the situation. It works like a barrier between you and others in the cyber space, ensuring that no one has access to your personal data except you.
There are a wide variety of encryption methods that can be used to protect your online identity. Today, we will continue to talk about the methods we use in our security products.
Algorithms and strength of encryption
KeepSolid team stands for a safe access to the open internet. We studiously reevaluate possible threats, to provide you with a high-quality service and a strong protection. That is why we offer an extremely secure 128-bit and 256-bit encryption. Our security apps use both methods depending on the protocol and operating system to ensure the best protection and performance.
You can learn more about these Advanced Encryption Standards (AES) in our “Let’s talk about encryption” blog post.
In our software, we use RSA as an authentication method. It is considered as one of the most secure form of authentication. It does not rely on the network, routers, domain name servers, or the client machine. The only thing that matters is access to the private key.
According to Wikipedia, “RSA is one of the first practical public-key cryptosystem and is widely used for secure data transmission. In such a cryptosystem, the encryption key is public and differs from the decryption key which is kept secret.”
This means, the asymmetry in RSA allows a private key to be shared to encode messages, without giving any information on the private-key to decode messages. Therefore, this public-key may be published online so that anyone can send a message to the publisher, however, only the publisher will know how to read it.
For browser plug-ins we use following aspects:
Supported Server Cipher(s):
Preferred TLSv1.2 256 bits AES256-GCM-SHA384
Accepted TLSv1.2 256 bits AES256-SHA256
Accepted TLSv1.2 256 bits AES256-SHA
Accepted TLSv1.2 256 bits CAMELLIA256-SHA
Accepted TLSv1.2 128 bits AES128-GCM-SHA256
Accepted TLSv1.2 128 bits AES128-SHA256
Accepted TLSv1.2 128 bits AES128-SHA
Accepted TLSv1.2 128 bits CAMELLIA128-SHA
Signature Algorithm: sha256WithRSAEncryption
RSA Key Strength: 2048
In the nearest future, we plan to improve these criteria to make protection of your sensitive information stronger.
The cryptographic handshake is used to establish a secure connection. Its effect is highly influenced by a private key size. The longer is the key, the more secure is your connection. We use a Diffie-Hellman (DH) method with a minimum 4096-bit key, and Elliptic curve Diffie-Hellman (ECDHE) protocol with 256 bits.
These encryption algorithms are extremely hard to crack, as they allow a key establishment to happen independently of the server’s private key. This gives the connection a forward secrecy (a fresh public key is created for every single connection). A very useful option that protects your personal data from being decrypted even after the fact the private key is somehow exposed.
When it comes to your personal data, there should be no alternatives or doubts about who owns it. Your data is your business, and no other party is eligible to access it on your behalf without your permission.
Don’t lose your right to be free and secure online. Encrypt your internet traffic now with VPN Unlimited.