CSSCurrent en:QUICK Technology
What is QUICK?
The QUICK Integrated Cryptshare Key considerably simplifies the use of Cryptshare! Instead of having to exchange one-time passwords manually, QUICK will take over the management of passwords for your users so they don’t have to deal with passwords anymore and can send and receive information passwordless.
How does QUICK affect the users?
Cryptshare continues to work as usual. Users have the option of activating 'QUICK connections' with their contacts. These represent permanently secure connections which can be used by sender and recipient without entering passwords.
How does QUICK affect administrators?
As an administrator, you can control the availability of the QUICK feature via the Cryptshare policy. QUICK will store access credentials on the users’ devices. Administrative assistance may be required to enable additional devices for users or help users to restore their QUICK access credentials in case of loss.
How QUICK works
Explanation of Terms
Term | Description |
---|---|
Client | A Cryptshare product supporting QUICK, such as the Cryptshare Web App or the 'Cryptshare for Office 365 & Outlook' add-in. |
Verification Token (VT) | An alphanumeric identification sequence (base64 encoded random bytes) stored on the client of the user allowing access to the personal key. |
Personal Key (PK) | The personal key of a user, used to access the shared key of a QUICK connection. |
Shared Key (SK) | An individual key shared by two users in both directions, either as a sender or as a recipient.
The shared key is used to access individual transfer passwords. The password is used for securing transfers in the same way as in earlier versions of Cryptshare. |
QUICK-enabled | A client is QUICK-enabled if this client has been used for QUICK earlier, or if a QUICK activation was performed on this client. |
Transfer Password | The password specified for a regular Cryptshare Transfer or for an invitational Cryptshare Transfer. |
Invitational QUICK Transfer |
A Cryptshare Transfer containing the information required to establish a QUICK connection with another user. * For an invitational transfer a transfer password always needs to be specified.
|
Pure QUICK Transfer | A Cryptshare Transfer where a QUICK connection has been established with all recipients. |
Steps
Verification
The verification step works the same way as in earlier versions of Cryptshare:
- The user enters his email address and retrieves an email notification containing a verification code.
- The verification code is entered in the client to complete the process.
In the background the following is happening:
- A secure verification token is generated and stored on the user client.
Sending a transfer
Invitational Transfer
Sender Side
- The sender activates QUICK.
- The sender specifies a transfer password as he would for a regular Cryptshare Transfer.
- The sender provides the transfer.
In the background the following things are happening:
- A personal key for the sender is generated.
- Utilizing the personal key, a shared key is generated and added to the transfer.
- The transfer is encrypted as in earlier Cryptshare versions utilizing the specified transfer password.
Recipient Side
- The recipient accesses the transfer using the specified transfer password.
- A QUICK activation option will be presented to him.
- Transfer Files can be accessed, downloaded and viewed as usual.
- The recipient performs the activation process. This process can also include the verification procedure if the user is not yet verified on the used client.
In the background the following things are happening:
- A personal key for the recipient is generated.
- The shared key in the transfer is encrypted using the personal key of the recipient and stored on the Cryptshare Server.
After the recipient has finished the activation process, future transfers between these two users can be performed as pure QUICK transfers.
Pure QUICK Transfer
Sender Side
- The sender activates QUICK.
- The sender does not have to specify a password.
- The sender provides the transfer.
In the background the following things are happening:
- The personal key of the sender is used to decrypt the shared key.
- An alphanumeric password with 64 characters is generated.
- The transfer is encrypted utilizing the generated password.
- The shared key is used to encrypt the generated password.
Recipient Side
- The recipients clicks on the download link and the download section opens up. There is no need to enter a password manually.
In the background the following things are happening:
- Using the verification token, the personal key of the recipient is accessed.
- The personal key is used to decrypt the shared key.
- The shared key is used to get access to the transfer password.
- The transfer password is used to get access to the transfer files.