The CRPT Encryption Process

What is

Encryption helps prevent data breaches, whether the data is in transit or at rest. If a corporate device is lost or stolen and its hard drive is properly encrypted, the data on that device will still be secure. Similarly, encrypted communications enable the communicating parties to exchange sensitive data without leaking the data.

How does CRPT keep our communication secure?

We use AES 256-bit encryption, which is the safest encryption standard on the planet, it’s used by every large enterprise solution as well as various first world governments to protect sensitive data. It would take the worlds strongest supercomputers millions of years to brute force (“crack”) even a single message. 

Without getting into more details regarding our security processes, identifying data goes through different security processes to ensure that even if an unauthorised entry had to be gained to the physical archive, it would be impossible to tell who the document belongs to. 

The average person already sends personal information across the internet daily, the single point of failure is mostly their own insecure password they use to access their secure data. 

The Encryption Process

Fig 1: Labelled diagram of the encryption process. Each number is the associated step in the encryption process

Fig 1: Labelled diagram of the encryption process. Each number is the associated step in the encryption process.

Step by Step

  1. The user enters seeds on the website.
  2. The website encrypts seed using AES-256 and sends the encrypted value over HTTPS to the central server.
  3. The central server decrypts the seeds using the website key and re-encrypts the seed using AES-256 with the server key.
  4. The encrypted seed is stored in the central database.
  5. The client requests the seed from the central server – which sends the encrypted seed to the client application over HTTPS. The user identifier is sent as a hash of the id of the user and a known secret – this prevents anybody from being able to tell to whom a document belongs simply by gaining access to the archive.
  6. The client application asks for the decryption key and decrypts the value of the seed using the supplied key.
  7. If the decryption was successful the client application prints the seed using the FISCode template. The user identifier hash is provided as the identifier of the document.
  8. If the print was successful, the document is removed from the server.
  9. To retrieve the identifying hash of the user both the user identifier and the known secret need to be provided. The document matching the output of the hash can then be retrieved from archives.

CRPT is a crypto seed recovery back up plan.
Relax in the knowledge that you have your Crypto wealth secured.