The free trial period is 60 days. Requires Windows Vista or Windows 7, 8, 10.
We communicate in English and in Finnish (Vastaamme tarvittaessa suomeksi, ohjelmassa myös suomenkielinen käyttöliittymä)
Inc. (Enternet Oy)
Superior protection for the real world
EndCryptor protects old encrypted emails - that were copied by an adversary when they traversed the internet - also then when the adversary gets current encryption keys by hacking into user's computer.
Easy to use
No knowledge of cryptography is required. The user interface is similar to a typical email client. User's current email account is used to deliver the encrypted emails.
The email is encrypted at sender's computer and it can be decrypted only at true receiver's computer.
Quantum attack resistant
It may be possible that before the year 2030 there will be computers that can break current classical public keys. EndCryptor uses classical public keys and new quantum attack resistant public keys. Note that otherwise current encrypted traffic can be copied and decrypted by quantum computers when (if) they become reality. When two persons communicate in turns the quantum protection starts from the second email (included).
Patented technology, state of the art cipher and public keys
The protocol that provides the features has been patented in USA. The implementation of symmetric encryption and public keys uses publicly available source code developed by the scientists who designed the systems.
EndCryptor offers features that are essential for real world protection: backward security and recovery from an attack. It is important that there is protection when a hacker gets access to current secret encryption/decryption keys.
EndCryptor is more secure than competitors
bpc = bits per character (byte). EndCryptor was used with the default settings.
|Tutorial on public keys||The risks of SSL|
|Compare to competitors||Avoid security through obscurity|
|Cryptographic technical details||Hash function used|
|Features pdf||Documentation pdf|
|Cryptographic strength||Passphrase Generator|
|Finnish pages||Suomenkieliset sivut|
On August 2016 security companies Kaspersky and Symantec revealed a
spying operation named as Project
Sauron or Remsec which had run undetected about 5 years.
The operation was a spying
operation, which according to Kaspersky was: "designed to enable long-term cyber-espionage campaigns" and "has high interest in communication encryption software widely used by targeted governmental organisations. It steals encryption keys, configuration files, and IP addresses of the key infrastructure servers related to the software." Symantec says about the malware that there is a "module that contains a string named “Sauron” in its code. Given its capabilities, it is possible the attackers have nicknamed the module after the all-seeing villain in Lord of the Rings." On July 2015 it was reported that a hacker stole massive amounts of data from Hacking Team's servers and uploaded it to internet for everybody to read. The company is a spyware developer for governments and law enforcements. The stolen data included a GPG private key of an engineer thus exposing all GPG encrypted traffic to this person. Did the victim use a server that automatically uses GPG and therefore stores the private keys? On April 2015 network security company FireEye reported that malware named APT30 had been found to have been spying 10 years mainly in South East Asia. Among data it collected were files ending with .pgp. The malware "is particularly interested in regional political, military, and economic issues, disputed territories, and media organizations and journalists who report on topics pertaining to China and the government's legitimacy". On July 2014 F-Secure reported about CosmicDuke malware which had attacked against NATO and European government agencies. This malware stole among other things certificates and their private keys. On February 2014 Kaspersky Lab announced that they had found and analyzed Mask - "an advanced threat actor that has been involved in cyber-espionage operations since at least 2007 ... one of the most complex APT we observed ... more than 380 unique victims in 31 countries ... could be a nation-state sponsored campaign ... can intercept network traffic, keystrokes, Skype conversations, PGP keys, analyse WiFi traffic, fetch all information from Nokia devices, screen captures and monitor all file operations ... 32-and 64-bit Windows versions, Mac OS X and Linux versions and possibly versions for Android and iPad/iPhone". Interestingly the keylogger module was named "PGPsdkDriver". The Red October malware which was also found and analyzed by Kaspersky Lab (results published in January 2013) collected *.crt, *.cer (these are certificate related), *.pgp, *.gpg, pubring.*, secring.* (PGP, and GPG related) files and recorded key presses and values in password fields. The Red October was operating about 5 years and targeted diplomatic, governmental and scientific research organizations in different countries, mostly related to the region of Eastern Europe, former USSR members and countries in Central Asia. A report published on March 2013 from CrySys Lab in Hungary says about TeamSpy malware: “Many of the victims appear to be ordinary users, but some of the victims are high profile industrial, research, or diplomatic targets”. The malware collected .pgp and .p12 (certificate related) files, victims include Embassy of NATO/EU state in Russia and multiple research/educational organizations in France and Belgium. TeamSpy was operating for almost a decade. The Winnti malware found in April 2013 collects certificates and their private keys. The Nimkey virus (detected 2010) steals keystrokes and certificates (e.g. to get the private key of a S/MIME certificate). First example of a virus that stole PGP’s security database "keyring" was Caligula virus (1999), this attack did not use a keylogger, but was a proof of concept attack.
2^. Encrypted messages are numbered and they contain an encrypted list of earlier messages that are not decrypted. When you receive a message and decrypt it you know which messages sent by you were not decrypted when the received message was encrypted. The report of each contact's not decrypted messages is shown at request.
Email Composing Window:
Add New Contact: