A newly unveiled company named Kryptiva is trying to meet all the important requirements for securing email. Many companies have offered encryption, digital signatures, and proofs of delivery for electronic mail. But up to now, according to Kryptiva founder and CEO Karim Yaghmour, each design has embodied an important flaw that reduces either usability or security. (Karim is the author of Building Embedded Linux Systems, which I edited. Kryptiva is proprietary software.)
I won’t say much about Kryptiva’s architecture, which is laid out on one of Kryptiva’s web pages. What interests me most, among their discussion of requirements, is their way of trying to provide features that are usually mutually exclusive.
Kryptiva’s designers reject web-based mail for several reasons. Given the widespread success of phishing attacks, too many users could be tricked into giving a masquerading site their valuable information. If the web site being visited is maintained by the vendor, an enterprise might not want to entrust its sensitive email to the site. Finally, Kryptiva email can use the user’s familiar email client (the initial version works with Outlook, and a Thunderbird plug-in is coming) so that users can continue to manipulate their mail folders the way they’re used to.
The downside of integrating with popular email clients is that Kryptiva can’t do its job unless people on both side download and install a plug-in. Without the plug-in, a recipient can read signed mail, but not mail that’s encrypted or requests a proof of delivery.
Kryptiva can be installed on the enterprise’s own servers, so that it doesn’t have to interact with a third party. It is built to be integrated with other parts of email infrastructure. For instance, it can authenticate users in an LDAP directory to reduce the number of passwords required per user, and it can consult anti-spam, anti-virus, and anti-phishing products. No key ever has to be transmitted over the network. Kryptiva is also infrastructure-independent, meaning that an enterprise can add it to whatever network of servers they have without modifying the existing network. They can also deploy it selectively and incrementally.
Finally, Kryptiva is stateless, which makes it more scalable.
Why using a new email client when we already have PGP integrated into MS Outlook etc.
Actually, there's no new email client, but an email client plugin. WRT PGP (and the same goes for S/MIME), there are quite a few things Kryptiva can give you that you can't get with PGP.
If nothing else, PGP doesn't give you certified proof-of-delivery; Kryptiva does. PGP won't allow you to send encrypted content to a person that hasn't already generated a key pair; Kryptiva does (while still applying 1024-bit RSA encryption BTW.) History has demonstrated that PGP can't realistically be deployed on a large scale within an organization if nothing else because a) senders AND recipients must understand what "keys" are, b) you've got pay the price of a parallel keys management infrastructure; no such problems with Kryptiva.
And so on ...
I'd invite you to visit the technology section of our website, there's plenty of info on what it is that we do in detail.
Karim Yaghmour
Founder and CEO
Kryptiva Inc.
I have seen recently a lot of new PGP secure email solutions. The latest one I found is a service called http://www.webSecureEmail.com
All you email are first encrypted on your browser with JavaScript and then sent over the internet.
Its a free, limited service so you cant really compare it with Kryptiva.
I have tried the solution from a company called Secured Email, and can really recommend it. No public keys, no private keys which make it easy to use. Similar to Kryptiva, the recipient needs to download a reader before he/she can reply.