Information
Why should I use Secos?
The internet offers new means of communication like e-mail, instant messaging and voice over IP. This communication is fast and cheap, but unfortunately it is insecure as well. Your conversations can be monitored by your network administrators, by the operators of your chat server, by your ISP and by any of the numerous ISPs your data travels through on its way to its destination. For example, your intercepted business communication can be sold to the competition or your private communication can be sold to marketing companies. You have no way of detecting this. Tools for eavesdropping include ICQ Sniffer, Ethereal and Packetyzer.
Besides the confidentiality issue, the integrity and authenticity of data transferred via the Internet is not ensured either. Forging transferred data is very easy. For example SPAM mails, millions of which are sent everyday, mostly have forged sender addresses. As forgery is so simple, it is questionable whether you should rely on the content of ordinary e-mails, in case integrity is important.
Secos offers communication that is protected against forgery and eavesdropping. With Secos you can transfer highly sensitive information via the Internet in a cost-efficient way. As all transferred data is protected against forgery, you can be sure that incoming data really originates from the stated sender. The security in Secos is reached by the use of cryptography, particularly encryption technology and digital signatures.
What is cryptography?
Cryptography is the art of secret writing. With cryptography information can be encrypted in a way that only a specific recipient is able to read it. The encryption prevents third parties from reading the information while it is transmitted to its recipient. Besides confidentiality, today’s cryptography provides two other very important services: Message integrity and authentication. Message integrity means that the receiver of information is able to verify that received information was not modified by a third party. Authentication means that the receiver is able to verify the origin of the information. You can read more about cryptography here.
Which cryptographic algorithms does Secos use?
Secos uses RSA-2048, AES-256, and SHA-256.
Is Secos compatible?
Secos is not compatible with insecure communication systems like ICQ, MSN, AIM or ordinary e-mail. Combining usable security and combatibility with completely insecure systems is not possible due to the concept. <-- (change to "is simply impossible."?? "the concept" not clear.) For example, in Secos all data is encrypted before transmission. The receiver therefore needs to be able to decrypt incoming data. In ordinary systems this is not the case. You can read more about the reasons for Secos not being compatible here.
Secos offers uncompromising security. If you want with remain compatible to insecure systems, you should continue using these systems. If you want security, use Secos.
Is Secos secure?
The cryptographic algorithms used in Secos are also used for securing money transfers and for transmitting top secret military information. Secos uses the open source cryptographic library Crypto++, which has been validated by NIST and CSE for FIPS 140-2 level 1 conformance.
How does Secos work?
As a Secos user you get your own address: "john.smith@@secos.org". You can tell from the double "at" - @@ - that an address is a Secos address. When you see such an address, you can be sure that you can communicate securely with the owner of this address.
In order to use Secos, you can create an account on the free Secos Server "secos.org". As all transmitted data is protected from endpoint to endpoint, even we as the operators of this server are not able to monitor your communication.
If you would like to use your own Internet domain for your address, you can operate a Secos server of your own. There you are free to assign addresses as with your e-mail server, for example: "john.smith@@mycompany.com"