CSSCurrent en:QUICK Technology

Aus Cryptshare Documentation
Wechseln zu:Navigation, Suche



40992770.svg
QUICK desk.svg

What is QUICK?

The QUICK Integrated Cryptshare Key considerably simplifies the use of Cryptshare! Instead of having to exchange one-time passwords manually, QUICK will take over the management of passwords for your users so they don’t have to deal with passwords anymore and can send and receive information passwordless.

How does QUICK affect the users?

Cryptshare continues to work as usual. Users have the option of activating 'QUICK connections' with their contacts. These represent permanently secure connections which can be used by sender and recipient without entering passwords.

How does QUICK affect administrators?

As an administrator, you can control the availability of the QUICK feature via the Cryptshare policy. QUICK will store access credentials on the users’ devices. Administrative assistance may be required to enable additional devices for users or help users to restore their QUICK access credentials in case of loss.


General Information about QUICK
This is a technical documentation about the Cryptshare QUICK Technology for administrators. If you are not an administrator or if you are searching for general information about QUICK, please refer to Using QUICK.

How QUICK works

Explanation of Terms

Term Description
Client A Cryptshare product supporting QUICK, such as the Cryptshare Web App or the 'Cryptshare for Office 365 & Outlook' add-in.
Verification Token (VT) An alphanumeric identification sequence (base64 encoded random bytes) stored on the client of the user allowing access to the personal key.
Personal Key (PK) The personal key of a user, used to access the shared key of a QUICK connection.
Shared Key (SK) An individual key shared by two users in both directions, either as a sender or as a recipient.

The shared key is used to access individual transfer passwords. The password is used for securing transfers in the same way as in earlier versions of Cryptshare.

QUICK-enabled A client is QUICK-enabled if this client has been used for QUICK earlier, or if a QUICK activation was performed on this client.
Transfer Password The password specified for a regular Cryptshare Transfer or for an invitational Cryptshare Transfer.
Invitational QUICK Transfer

A Cryptshare Transfer containing the information required to establish a QUICK connection with another user.

* For an invitational transfer a transfer password always needs to be specified.
  • It is always an invitational transfer if a QUICK connection has not been established with at least one recipient.
Pure QUICK Transfer A Cryptshare Transfer where a QUICK connection has been established with all recipients.
41648130.png

Steps

Verification

The verification step works the same way as in earlier versions of Cryptshare:

  • The user enters his email address and retrieves an email notification containing a verification code.
  • The verification code is entered in the client to complete the process.

In the background the following is happening:

  • A secure verification token is generated and stored on the user client.
Secure Verification Tokens
In order to make sure that all users work with a verification token fulfilling the security requirements of QUICK, it is important that all verifications have been reset during the update from version 4.2.1 to 4.3.0.

Sending a transfer

Invitational Transfer

Sender Side
  • The sender activates QUICK.
  • The sender specifies a transfer password as he would for a regular Cryptshare Transfer.
  • The sender provides the transfer.

In the background the following things are happening:

  • A personal key for the sender is generated.
  • Utilizing the personal key, a shared key is generated and added to the transfer.
  • The transfer is encrypted as in earlier Cryptshare versions utilizing the specified transfer password.
Recipient Side
  • The recipient accesses the transfer using the specified transfer password.
    • A QUICK activation option will be presented to him.
    • Transfer Files can be accessed, downloaded and viewed as usual.
  • The recipient performs the activation process. This process can also include the verification procedure if the user is not yet verified on the used client.

In the background the following things are happening:

  • A personal key for the recipient is generated.
  • The shared key in the transfer is encrypted using the personal key of the recipient and stored on the Cryptshare Server.

After the recipient has finished the activation process, future transfers between these two users can be performed as pure QUICK transfers.

Please note, that a QUICK transfer automatically becomes an invitational transfer as soon as at least one recipient is specified who has not yet accepted a QUICK connection or didn't have the opportunity to do so. The recipients however, who already have activated QUICK, will not need to enter the password manually.

Pure QUICK Transfer

Sender Side
  • The sender activates QUICK.
  • The sender does not have to specify a password.
  • The sender provides the transfer.

In the background the following things are happening:

  • The personal key of the sender is used to decrypt the shared key.
  • An alphanumeric password with 64 characters is generated.
  • The transfer is encrypted utilizing the generated password.
  • The shared key is used to encrypt the generated password.
Recipient Side
The scenario describes the behavior when the recipient uses a QUICK-enabled client. If the user tries to access the transfer using a new client, the QUICK activation comes into place.
  • The recipients clicks on the download link and the download section opens up. There is no need to enter a password manually.

In the background the following things are happening:

  • Using the verification token, the personal key of the recipient is accessed.
  • The personal key is used to decrypt the shared key.
  • The shared key is used to get access to the transfer password.
  • The transfer password is used to get access to the transfer files.