People often have a need to communicate sensitive information with each other confidentially, i.e., in a way that does not expose the sensitive information to third parties. Internet-based communications such as email, instant messaging, SMS, and direct messaging via social networking sites such as Twitter and Facebook, are a natural choice due to their ease-of-use and ubiquity. Many people do not realize that by default most Internet-based communications methods offer little or no protection against unauthorized access.
Other people are aware of the security risks, but nevertheless use such insecure methods due to the difficulties of using more secure alternatives. In short, a large number of Internet users communicate sensitive information insecurely over the Internet due to their ignorance, lack of technical sophistication, or belief that the cost in effort of using secure methods outweighs the benefit.
In contrast, sophisticated users who have a strong interest in maintaining the confidentiality of their sensitive information often use technical means to protect their sensitive information. Strong encryption is recognized as the best technical means to prevent unauthorized access by third parties.
Encryption is the algorithmic altering of data to render it unintelligible. The reverse process, known as decryption, can only be performed by those possessing the encrypted data and an specific extra piece of data (the “key”). Possession of either the encrypted data OR the key (but not both) by unauthorized individuals is not sufficient for unauthorized access.
There are two major types of unauthorized access. The first is “during transmission”, i.e. the sensitive message is intercepted by unauthorized parties while it is traveling over the Internet. The second form of exposure is “at rest”, i.e. after transmission when the sensitive message has been saved to a persistent medium (hard disk, etc.) either by the message viewer or by a legitimate third-party to the communication (email server operator, etc). The time frame of unauthorized access during transmission is typically only seconds. The time frame of unauthorized access at rest is indefinite.
Although secure transmission mechanisms, such as SSL/HTTPS, may be used relatively successfully to prevent unauthorized access during transmission, most transmissions of information across the Internet do not use such mechanisms. Furthermore, the use of SSL does not guarantee end-to-end protection for the lifetime of the message and does not reduce the vulnerability of the information once it has been received and then stored.
Almost invariably, messages that are transmitted over the Internet are stored in multiple locations. For example, a single email message might be stored on the sender's local computer, at the sender's mail server (at least temporarily), at the recipient's mail server (at least temporarily), and on the recipient's local computer, among many other potential locations. Backups that are made of any of these locations result in additional copies of the same email message being created and stored, possibly for long periods of time. Any of these copies which are not encrypted are exposed to being accessed by unauthorized third parties. Due to the difficulties of indexing, searching, and retrieving encrypted data, most operators of servers choose not to encrypt the data at rest. Furthermore, even if encryption at rest is employed by server operators, users cannot independently verify this, and must simply trust the claims of the server operator. User that require a higher degree of certainty need to control the encryption process directly.
Most encryption solutions, however, require significant effort to set up and use, even for sophisticated users. For example, using a public-private key encryption system to encrypt email might require a user to install special encryption software on each computing device (e.g., home desktop computer, business desktop computer, laptop computer, smartphone) from which he intends to send email, create a public and private key, distribute the public key, and then use the installed encryption software to send email messages. This is a significant amount of effort. Furthermore, for such a system to work, it is typically necessary for recipients of encrypted email to also take similar steps on their own computers. Because configuring and using such encryption systems is so onerous, all but the most sophisticated and dedicated users do not use them, opting instead to communicate sensitive information without encryption, and thus insecurely.
Web applications are often employed in situations where, for various reasons, it is desirable to avoid the deployment of traditional desktop software. Typically web applications perform most of the important data processing on a central web server, while the user's computer merely presents an interface in a web browser. Some web-based encryption solutions have been created to shield end users from the complexity of encryption. To use such system, a user enters a sensitive message into a form on a web page and submits it to the server. The web server then encrypts the message and either returns it to the user or sends it directly to a user-specified recipient. Although such systems eliminate the need for the sender and viewer to install special software on their computers, such systems require the users to trust the operator of the web site's server, because the unencrypted data of the message is stored, however briefly, on the server, where it is potentially exposed to unauthorized access by third parties. Savvy users find this trust requirement unacceptable and, as a result, refuse to use such systems.
What is needed, therefore, is an encryption system which provides the ease of use of web-based applications without exposing unencrypted data to the system's operator.