Welcome to SAFE WEBDROP MESSAGE EXCHANGE

A General Secure Message Exchange Mechanism

Easy-To-Use End To End Encryption

It is often the case that people who are in contact almost every day, chose to communicate with unencrypted messages (email), talking about other people and their work. So they risk revealing sensible information they would have handled confidentially face-to-face unintentionally when they use a computer. The CryptoBone software has been developed to change that, as it provides an easy-to use and also secure way to exchange AES encrypted messages and files between two people.

To ensure true end-to-end encryption, it is absolutely necessary to enable a secure message exchange with a shared initial secret that has been agreed on by two people in a personal contact. This inital secret can then be entered into the graphical user interface on both endpoint computers to start a secure communication. Once that has happened, the two users will no longer bother about encryption keys any more. They can be sure, that every message or file they send to the other end leaves the device AES encrypted with a key that changes with every message.

But how are the encrypted messages and files transported between the two contacts?

Suppose the two users can use a HTTPS-enabled server to exchange messages. This would reduce metadata and would render a dedicated email-account for that purpose superfluous.

There are three important pre-conditions that the SafeWebdrop exchange mechanism has to meet:

• It should not be necessary to establish everyone using SafeWebdrop as a user on the server.
  The SafeWebdrop programs should be minimal invasive for the server.

• Nevertheless it must be ensured, that senders are authentic and that stored messages can only be retrieved by the legitimate recipient.

Minimal invasiveness clearly rules out something like the secure shell. It is not desirable to establish users with full server access nor is that necessary for a safe message exchange. Nevertheless, in order to safeguard an authenticated message exchange, the installation of a user's RSA public key on the server is essential, provided that it can be done with minimal effort.

Personal Contact is Key

Again, the user lives and works in an environment, where direct contact to a server administrator is not difficult. And all the server administrator has to do in order to enable the use of the SafeWebdrop message exchange, is to copy a public key, that has arrived at the server, into a single directory created for that user. Nothing more is needed.

But it is important that only the correct public key, the one the CryptoBone GUI has produced (and secured) for the user, is accepted on the server. That is why one single personal contact between a user and the server administrator is required, in which the administrator receives the registration code first-hand from the legitimate user. This contact ensures, that the user is established on the server in a secure way.

SafeWebdrop is a Secure Foundation

Originally developed for the Crypto Bone, the SafeWebdrop mechanism can be adapted for a large number of projects that require safe message and file exchange. It is a foundation for internal communication demands that can be satisfied with establishing a minimal invasive software product on a server, that is already up and running.