
Why Eucrypt?

The first answer is: "It is the sender of email who exposes information to the insecure internet environment. It is his responsibility to protect the information if it concerns the recipient's privacy."

The second answer is: "Securing email should add certainty to the process of mailing. Eucrypt enhances the sentiment of certainty by signalling the moment of secure arrival to the sender."

The third answer is: "Current secure solutions require an initiative from recipients to acquire and install certificates. As a sender you cannot force a recipient to acquire a certificate and it is too difficult to educate all our recipients to use current secure solutions."

The full answer is a bit longer:

The law is strict when it comes to privacy, but not many seem to really care about the safety of private data as it travels the internet. We all know about SSL, the famous padlock of our internet browser, but who knows what happens after that? The mesh of public wires and privately owned store-and-forward servers on the route to a final destination is indeterminable, and definitely not secure. And do you use SSL to access your SMTP or POP server in the first place? Probably not.

If we apply such strict rules to others when our privacy is concerned, then why are we so negligent ourselves? Of course it gives a sense of freedom not to bother about privacy, knowing that nobody is allowed to misuse it, but regrettably that is not how things work. It is like leaving your doors unlocked.

Then why the negligence? We know it is not a fair question, because it is difficult to assure that your information arrives safely at its destination when there is no carrier that wants to guarantee it. All right, companies like Verisign and Geotrust help to assure that some lines along the route are safe, but who uses these, and what about the entire route?

Regarding email there is a globally appreciated solution, but not many people use it. It is based on PKI and it requires that the email recipient has acquired a Digital ID and that the sender has access to it, knows how to use it and has the discipline to use it. If you have a Digital ID, anybody who knows how to use it can send you an email safely, because the mail can be encrypted and only you can decrypt it. But now the other way around: how do you safely send an email to somebody who doesn't have a Digital ID or who doesn't even know what it is? Most people don't. The fundamental problem with PKI is that the initiative to establish secure email transport lies with the recipient, whereas the initiative to send mail (and the knowledge that the content is sensitive) lies with the sender.

The solution to have sensitive information transported is obviously to protect the information itself in such a way that only the recipient can open it, a technique called encryption. It is easy to buy an encryption program, but it is not easy to convince the recipient of your document to buy the same program. Another inconvenience is that you need to supply the recipient with a key to decipher your mail or document. Just sending the key encrypted won't work.

This is where Eucrypt comes in. Eucrypt is an easy-to-use online service that allows you to encrypt any document by pointing at it. Eucrypt doesn't store the document but compresses and encrypts it and returns it to you immediately in a sealed envelope. On request Eucrypt will forward the envelope to the recipient immediately. Eucrypt will only retain the keys to decipher the document. When you send the document to someone and the recipient accesses Eucrypt, the document will be deciphered and the key will be destroyed. Only the recipient that you indicate will be allowed to decrypt the document (and only once). This recipient must once pass the same email-verification procedure as you do when you subscribe to Eucrypt.

Under the hood

This section presents an overview of how Eucrypt helps to protect you.

With traditional cryptography you need an algorithm and a key. There are many known encryption algorithms, with AES, the successor of Triple DES, as the most popular. The encryption algorithm needs to be public if sender and receiver use different software. Keeping the key strong and safe is sufficient to prevent anyone who knows the algorithm from deciphering an encrypted document.

As opposed to this traditional cryptography, the strength of Eucrypt is manifold:

  • Eucrypt provides a cryptographic robot that can be accessed by everyone through a safe SSL-tunnel (https). Because everyone uses the same robot, there is no need to publish the algorithm. Therefore we can protect both the key and the lock.
  • Because the Eucrypt robot is accessible with a browser, nobody (neither the sender nor the recipient) needs to install any software on his PC or go through the hassle of obtaining certificates and keys. This also assures that no one can have a look under the hood (the inner workings of the server-side software).
  • The Eucrypt robot does not store any piece of the original information, but it does recognize a document that it has encrypted. Therefore Eucrypt can use a unique and very strong key for each document without the need to unveil this key to anyone.
  • Eucrypt combines clear sequential logging of login attempts with retry-blocking. The log provides a clear view of all activities on your account, which means that illegal access attempts are visible too.
  • Relying on secure authentication, Eucrypt allows the sender to indicate a recipient email address. Only the one who authenticates with this address can request decryption. The document can be decrypted only once and is stored immediately on the computer of the recipient. This makes it certain that no copies (of the encrypted envelope) linger on the internet domain for later or parallel processing.
  • The encrypted information is wrapped in an inert picture, which is a secure object that passes any filter and is understandable by any recipient.
  • Eucrypt comprises a number of facilities for the initiator of encryption. The initiator can delete a key before a document gets decrypted and will receive a message at the moment of decryption. He will have a list of documents awaiting decryption and a clear sequential log of events on his account.

The Eucrypt robot consists of an array of load-balanced cryptographic servers and a set of redundant administrative servers.
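The one-time key release described in the list above can be modelled in a few lines. This is an added example, not Eucrypt's code: the class `KeyEscrow`, its method names and the random envelope identifier are hypothetical, and the account passed to `release` is assumed to be authenticated already.

```python
import secrets


class KeyEscrow:
    """Hypothetical key-holding service: it keeps keys and a log, never documents."""

    def __init__(self):
        self._records = {}  # envelope id -> {"key", "sender", "recipient"}
        self.log = []       # (sequence number, account, event)

    def _note(self, account, event):
        self.log.append((len(self.log) + 1, account, event))

    def issue(self, sender, recipient):
        """Create a unique random key for one envelope, bound to one recipient."""
        envelope_id = secrets.token_hex(16)  # assumed to travel inside the envelope
        key = secrets.token_bytes(32)
        self._records[envelope_id] = {"key": key, "sender": sender, "recipient": recipient}
        self._note(sender, f"key issued for envelope {envelope_id[:8]} to {recipient}")
        return envelope_id, key

    def release(self, account, envelope_id):
        """Hand the key to the named recipient once, then destroy it.

        `account` is assumed to be authenticated already (email verification).
        """
        record = self._records.get(envelope_id)
        if record is None:
            self._note(account, f"refused {envelope_id[:8]}: key unknown, used or deleted")
            raise KeyError("no key held for this envelope")
        if account != record["recipient"]:
            self._note(record["sender"], f"refused {envelope_id[:8]}: {account} is not the recipient")
            raise PermissionError("only the named recipient may decrypt")
        del self._records[envelope_id]  # one decryption only
        self._note(record["sender"], f"receipt: {envelope_id[:8]} decrypted by {account}")
        return record["key"]

    def delete_key(self, account, envelope_id):
        """Let the sender withdraw an envelope before it has been decrypted."""
        record = self._records.get(envelope_id)
        if record is None or record["sender"] != account:
            return False
        del self._records[envelope_id]
        self._note(account, f"key for {envelope_id[:8]} deleted by sender")
        return True


if __name__ == "__main__":
    service = KeyEscrow()
    eid, key = service.issue("sender@example.org", "recipient@example.org")
    assert service.release("recipient@example.org", eid) == key
    for entry in service.log:
        print(entry)
```

A second `release` for the same envelope fails because the key no longer exists, which is what makes an earlier decryption by someone else noticeable to the intended recipient.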

Contact

Do not hesitate to contact us. All relevant questions will be answered if you provide a valid email address.



Terms of use

1. Your use of Eucrypt products, software and services is subject to the terms of a legal agreement between you and Eucrypt. This page explains how the agreement is made up.

2. In order to use our services, you must first agree to these terms and conditions and you may not use the services if you do not accept the terms.

3. The delivery of the Eucrypt services is an innovative concept to fill a lacuna in today's methods of information transport. The lacuna is the lack of a cheap, easy to apply and universally accepted method to secure information while it is being transported. We believe that, next to the freedom of thought, the freedom of expression means more than the right to express. It also means that expression should not be tampered with. At the point of this writing (mid 2009), we cannot completely foresee the impact of our services. With quite simple growth of use we could easily service large amounts of users, but in other situations we might need to change the terms of use at any time and at our discretion.

4. You may not yourself, or let anyone else, copy, modify, reverse engineer, decompile or otherwise attempt to extract the source code of Eucrypt's software. You may not yourself, or let anyone else, use Eucrypt with the purpose to copy parts of Eucrypt's technical design or to copy parts of Eucrypt's functions.

5. You agree that Eucrypt owns all legal right, title and interest in and to its services.

6. Eucrypt gives you a personal, worldwide licence to use the software provided to you by Eucrypt, provided that you have subscribed to the services of Eucrypt with an email address to which you have legitimate access. This email address is the prime denominator of your subscription or account. You can have as many accounts as you have email addresses.

7. You agree that you are responsible for maintaining the confidentiality of information provided to you by Eucrypt. Accordingly, you agree that you will be solely responsible to Eucrypt for all activities that occur under your account.

8. Eucrypt does not guarantee the arrival of your information at your recipient. You have the option to send the encrypted information yourself or to have it forwarded by Eucrypt. In fact, information sent through the internet easily gets lost or filtered. Only the intended recipient, however, is allowed access to your document key and to Eucrypt's decryption services.

9. Eucrypt's prime concern is the privacy that you seek at Eucrypt. The design of our services is such that we store and relate the minimum amount of information, legally and technically possible, to maintain the service. We don't relate multiple accounts to a single user. We do not allow third parties to advertise through our services or to trace your behaviour. All information that we store about you that can be considered as private is presented to you when you log in. This includes your email address, your subscription date, the bandwidth you used and a reference to the keys that await decryption.

10. There is one major exception to our privacy rule that concerns the recipient: we will signal the event of decryption to the account holder who originally encrypted the information. The sender receives a receipt with which he can prove the successful delivery and decryption of his document. We believe that this knowledge greatly contributes to the sentiment of safety, knowing that your confidential information safely arrived.

11. You agree and accept that your use of Eucrypt is at your own risk and that our services are provided "as is".

12. You agree and accept that Eucrypt shall not be liable to you nor accountable for any direct, indirect or accidental damages that arise from the use of our services. This includes, but is not limited to, damage to computer hardware, software, data, loss of profit or reputation.

13. Eucrypt services are currently free of charge. Once you have subscribed these services remain free. There is no guarantee that the services remain free for future subscribers. There is no guarantee that new Eucrypt services (new functions) will be available free of charge for existing accounts.

 

Best practices

Use SSL where possible

When you don't use SSL (or secure tunneling like VPN), everybody who shares the same medium between your computer and the internet server can see the information that you are sending and receiving. This does not only concern mobile phone, wifi, WiMAX or satellite connections, but also copper-wire connections. SSL does not only concern your browsing activity (the HTTP protocol) but, even more important, your email activity (POP and SMTP). Without SSL you send your mailbox password into open air.

Protect against brute force

Your mail account is the most insecure element in your privacy chain. As long as your information is in the internet domain you don't have physical control. Your email address is usually your POP server's user name. Your password may be a random string of six or eight characters; a brute-force attacker would "only" require about 1000 billion retries to get in. Of course your email server should prevent brute-force attacks, but does it? If you have a POP account and you can choose your password, then make it very strong.

Change your initial password

If you have a new mail account, the initial password is usually a randomly generated string, mailed to you in an unprotected mail. This mail is sent by someone and probably stored somewhere. The mail arrives at your email client and probably remains there forever. Just change the password to get rid of these leaks.

Use a wallet to store passwords

A wallet is any system that cannot be opened by someone who gets hold of it. But don't trust wallet providers just like that. "If a bad guy can persuade you to run his program on your computer, it's not your computer anymore." Read Scott Culp on this: http://technet.microsoft.com/en-us/library/cc722487.aspx

If you need more information on password managers, refer to Wikipedia: http://en.wikipedia.org/wiki/Password_manager

Three open source password managers are Password Gorilla, KeePass, and Oubliette.

Be careful with cookies

Although Eucrypt saves your username and password as cookies on your computer for the convenience of new users by default, it is advised to disable these with the -marks on the login-page. Cookies are just not safe.

Life beyond decryption

Eucrypt helps to ensure safe delivery of information to the recipient's computer. Before and after, the sender and recipient should be in control. As long as you don't lose your computer, an up-to-date virus and spyware scanner will keep you safe.

 
A message is a plain-text message that will be encrypted and delivered to a destination address.

The message consists of four fields: a destination email address, a subject, a body part that is not encrypted and a plain-text attachment that will be encrypted.

Decrypt an encrypted document (envelope) that you received with the above email-address as its destination.

Decryption is a one-time process. After decryption the decryption-key is destroyed and the envelope becomes useless. The sender receives a notification that the document has safely arrived at its destination.

Make sure the envelope is accessible on your hard disk (e.g. your desktop). Press the Decrypt button and point to the envelope and the contents will be decrypted.

Encrypt a document and wrap it in an envelope. The envelope is returned to you to let you send it to the intended recipient. If you want Eucrypt to forward the envelope to the destination by Email then use the forward-button.

Make sure the document is accessible on your hard disk. Press the Encrypt button and point to the envelope and the contents will be encrypted.

If you want Eucrypt to forward a document immediately after encryption, you can use this forward function.

If you want to send the encrypted document with your own Email program, use the encrypt function.

Make sure the document is accessible on your hard disk. Press the forward button and point to the envelope and the contents will be decrypted and sent to its destination.

Eucrypt provides four functions :

  • Decrypt : The first function is for recipients to open an envelope.
     
  • Encrypt : The second function is for senders to create an envelope. The sender must use his own email-program (or any other medium) to send the envelope.
     
  • Forward : The third function is intended to send the envelope immediately with Eucrypt.
     
  • Message : The fourth function is to send a short encrypted message immediately with Eucrypt.
     
    The unit price is a function of the quantity ordered.
    The method of payment is left at your discretion.
    When you press the 'Order' button you will receive an invoice.

    Order form columns: Quantity, Product, Unit price, Total. Products offered:

  • Bridge Licence for 30 consecutive days and unlimited encryption volume
  • 100MB encryption volume, non-bridged

    When switched on, Eucrypt will send an email to the encryptor at the moment of decryption. This event completes the safe delivery of the information to the recipient's PC. To switch this setting, press the Switch button.

    A password-reminder is necessary when you forget your password. This will change the password at the same time.

    The reminder procedure itself is very safe, until someone has access to your email account. If the intruder discovers a secure envelope he could request a reminder on your behalf, decrypt the envelope and delete both the envelope and the reminder. Because the password has changed you would no longer have access to your Eucrypt account. For this reason we offer the possibility to turn off the password-reminder. Of course, make sure not to lose your password after that.

    To change your password you need to enter your old password and a new password.

    Take care because both passwords appear as plain text. The minimum password length is 4. Although Eucrypt will block after four attempts we recommend a strong password with eight characters.


    Eucrypt has two licence types :

  • Decrypt licences : Having a decrypt-account you can decrypt information that is addressed to you and you can encrypt information if it is addressed to a bridge-account.
  • Bridge licences : Having a bridge-licence you can encrypt information and address it to anyone. At the same time all your relations can encrypt information if it is addressed to you.
  • Currently, when you subscribe, you receive an unlimited bridge-licence.

    Eucrypt demands as little privacy information as possible. If you are a European firm and want to recover VAT it is necessary to enter your company name and VAT number (prefix a two-letter country code).

    When you use Eucrypt you consume. Servers are running to assist you to harness your information. The software has been developed and must be maintained, and marketing effort is needed to promote the product. To sustain all this we elaborated a payment scheme that reflects the intensity of use and at the same time helps to minimize the amount of administration:

  • The encryption volume : This is the amount of data that is generated by the encryption robot in the process of encryption (the size of the envelope and its contents). Currently there is no limitation imposed. The size of a standard empty envelope is about 50 KB. The information to be encrypted is first compressed by Eucrypt to minimize the encryption volume.

  • The licence period : Bridge licences are currently unlimited.
  • You don't need encryption quota while you have a bridge account.




    Eucrypt uses an image of an envelope to seal your information. The envelope can be freely transported by mail or any medium to its destination. Only the intended recipient can open it.
    The security of your information does depend on your password but also on a few other things that are worth reminding.
  • Eucrypt allows only four login errors within one hour. This makes "brute-force" attacks difficult. Just use a strong password.
  • Eucrypt does allow a password-reset by default. A password-reset uses the same email-bridge as you used just now. This mechanism is vulnerable if someone else has (illegal) access to your email account. He could intercept an encrypted message, request a password reset and remove traces of both. If you are a frequent user of Eucrypt you notice this because you lose access. In other cases you might just think you forgot your password and request a new one yourself. If you are not certain about the security of your mail account you can turn off password-resets completely. If you then lose your password you lose access to Eucrypt with no means of restoring it for the mail address concerned.
  • An encrypted document can only be decrypted once. If someone intercepts your document and decrypts it, knowing your password, you would notice because you can't decrypt it anymore.
  • Eucrypt sends you, at random intervals, sequentially numbered reports about the activity on your account. If someone knows your password and silently steals an encrypted document and removes it from your inbox, you could notice this from these reports. The reports are also available when you log in to Eucrypt.
  • Remember that anyone who intercepts the password of your email account can read your email content without you knowing it unless your email content is encrypted. It is your concern, but the responsibility of the sender, to have sensitive information encrypted.
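The rule of four login errors within one hour, and the keyspace estimate under "Protect against brute force", worked through as an added example (not Eucrypt's code). The names `LoginThrottle` and `years_to_exhaust` are hypothetical, timestamps are passed in as seconds, and the 95-character printable-ASCII alphabet used in the note below is an assumption.

```python
from collections import defaultdict, deque

MAX_FAILURES = 4        # from the page: four login errors ...
WINDOW_SECONDS = 3600   # ... within one hour


class LoginThrottle:
    """Sliding-window lockout per account (hypothetical sketch)."""

    def __init__(self):
        self._failures = defaultdict(deque)  # account -> timestamps of failed logins

    def _recent(self, account, now):
        # Drop failures that have aged out of the one-hour window.
        failures = self._failures[account]
        while failures and now - failures[0] >= WINDOW_SECONDS:
            failures.popleft()
        return failures

    def attempt(self, account, password_ok, now):
        """Return 'ok', 'failed' or 'blocked'.

        While an account is blocked even the correct password is refused,
        otherwise the block would not slow down a guessing attacker at all.
        """
        failures = self._recent(account, now)
        if len(failures) >= MAX_FAILURES:
            return "blocked"
        if password_ok:
            failures.clear()
            return "ok"
        failures.append(now)
        return "failed"


def years_to_exhaust(alphabet_size, length):
    """Worst-case years to try every password at four guesses per hour."""
    guesses = alphabet_size ** length
    guesses_per_year = MAX_FAILURES * 24 * 365
    return guesses / guesses_per_year


if __name__ == "__main__":
    throttle = LoginThrottle()
    for t in (0, 10, 20, 30, 40):
        print(t, throttle.attempt("user@example.org", False, now=t))
    print("random 6 chars, 95 symbols:", round(years_to_exhaust(95, 6)), "years")
    print("4 lowercase letters:", round(years_to_exhaust(26, 4), 1), "years")
```

With 95 symbols a random six-character password has about 735 billion possibilities, in line with the "about 1000 billion retries" quoted earlier; at four guesses per hour that takes millions of years to exhaust, while four lowercase letters take about thirteen years.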