Virtru Security Insights

VentureBeat on Virtru: Killer Encryption Technology for the Enterprise

You have to give VentureBeat credit for coming up with great headlines, and here’s one from Monday “Virtru launches killer NSA-grade encryption for enterprise.” You can try out this killer, NSA-grade encryption for free by signing up for Virtru for Business today.

Richard Byrne Reilly writes this:

“Virtru uses 256-bit AES with Perfect Forward Secrecy (PFS) for client-side encryption, much the same that U.S. intelligence agencies utilize to protect virtual communication channels. Ackerly spent eight years at the NSA, where his prime task was safeguarding data transfers from remote sites, or the field.”

Let’s discuss what all that technology really means:

What does 256-bit AES mean?

It means that no one is going to be cracking open your messages in anything less than a couple trillion trillion trillion plus or minus a quadrillion years.

According to an EE Times article by Mohit Arora, a 256-bit AES key has 1.1 x 1077 possible combinations and it would take approximately 3.31 x 1056 years to crack AES with a 256 bit key.  Don’t think about that duration too long because it is many orders of magnitude greater than the age of the universe. Let’s just say that no one using current computing technology is going to get close to cracking this with a brute force attack (even with a computing cluster the size of the Moon.)

What is Perfect Forward Secrecy (PFS)?

Remember a few months ago when everyone was freaking out about a bug named Heartbleed.  That didn’t affect us much because we’ve been running Perfect Forward Secrecy for a while.  To define Perfect Forward Secrecy it helps to understand how web servers encrypt data – they use a technology called SSL and with SSL a server maintains a private key that it used to encrypt information.  Without perfect forward secrecy anyone who compromises a web server’s private key can decrypt data encrypted with that key.

With Perfect Forward Secrecy a new, entirely random public key is used every time your browser interacts with our servers.  This means that even if someone where to compromise the server’s keys your data is safe.  Think of Perfect Forward Secrecy as a one-time encryption key which is uniquely generated for every request.

Together, what do these two things mean?

It means that this VentureBeat is exactly right, Virtru is Killer, NSA-grade encryption for the enterprise. But, it’s more than just encryption, it is encryption with the ability to control who can access the messages and attachments you send and how long your messages live in the wild.

If you deal with sensitive data at home or at work, Virtru is a solution that is ready to use and integrated into the email services and clients you use today.