Trustchain and Unlocking System:
Trustchain and unalterable records
Wimi Armoured uses a Trustchain for automatic key exchange and each employee action is recorded in an unalterable log.
The encryption system is ultra-fast and invisible to your users.
Data is encrypted from your devices using your private key and the Trustchain BEFORE being sent to our servers. We can not (or anyone else) decipher them.
Unique identification key
Every user has their own keys, which are linked to their encrypted identities (devices). There is no master key.
The unlocking service allows users to openly access their encrypted data on all their devices.
Open-source encryption library
Wimi Armoured is based on an open-source encryption library and Elliptic Curve Cryptography.
Encryption and decoding of data
Wimi Armoured is based on the separation principles of data processing.
The information is unreadable by third parties
Data is decrypted locally on users’ hardware device and is inaccessible to all other users and unreadable on the Wimi Armoured servers.
The sharing of data between your users is secured
Data sharing between users triggers the exchange of their key confidential information, thanks to the trust chain: an inviolable log of cryptographic data and a distribution system of keys linked to identities.
Protection of devices
The local cryptographic information is encrypted with the Wimi Armoured user token. The latter is distributed on the Wimi Armoured site with the aid of a two-factor identification system.
The Functioning of Wimi Armoured
Wimi Armoured uses tried and tested technology
Is the data hosted on Wimi Armoured?
Wimi Armoured stores your previously encrypted data on your device. The management of your encrypted data does not require any specific action on your part, Wimi Armoured looks after everything! The public keys needed to access your data are automatically transferred via Wimi Armored servers, in an encrypted form. Wimi Armored can not access keys or data.
A unique electronic certificate
An electronic certificate (public key) can be considered as a digital identity card. It is used mainly to authenticate an actual or legal entity, but also to encrypt exchanges. It is signed by a trustworthy third-party who demonstrates the link between actual identity and digital (virtual) entity.
Wimi Armoured secures the transfer of your data
What happens if Wimi Armoured is hacked?
In the case that our servers are hacked, the hackers would not have access to the public keys or to the encrypted data. The keys and the data are therefore unusable. This separation of responsibilities between two parties (Wimi Armoured stocking the data and encrypted keys, your users keeping the private keys) makes data leakage impossible.
Wimi Armoured is based on numerous secure technologies
The Trustchain and unlocking system are coded in Go, assisted by a PostgreSQL and deployed via Kubernetes on Google Cloud Platform.
The Wimi Armoured procedures are based on Cryptobox and Secretbox of libsodium:
Cryptobox is used for the asymmetric encryption of data keys
Secretbox is used for the encryption of data
When using Elliptic Curve Cryptography (ECC), Wimi Armoured manages the smallest keys in order to increase the speed of data transmission, without any impact to security.
The original cryptographies used are:
– Ed25519 for signatures
– X25519 for asymmetric encryption
– XChaCha20-Poly1305 for symmetrical encryption