VSys One: Volunteer Management Software

How VSys Encrypts Data

This section is highly technical and is provided only as a reference for those trained in encryption and for the incurably curious.

VSys encrypts data in two phases, similar to PGP. For each record to be stored, a random 192-bit AES key is generated, and the data is encrypted with that key. The AES key is then encrypted using RSA and prepended to the AES-encrypted data. This gives the performance of AES (very fast) together with the public/private key abilities of RSA (very slow).

Every record uses its own AES key, so each record must be decrypted individually using the private key. Within the record, all elements that are to be encrypted in the same encryption group are bundled together and encrypted as a group to minimize the number of RSA encryption/decryption cycles.

User keys are comprised of three elements:

VSys encrypts the master decryption key with a combination of the user's passphrase and the user's database-stored code. When the user tries to use his key, VSys asks for the passphrase and looks up the user's code. If the two are provided correctly, VSys is able to decrypt the encryption key and use it.

When a user's key is revoked, that database-stored code is removed. Without it, VSys cannot decrypt the user's key, making the key useless.

VSys One's encryption is intended to hide the data itself, not the fact that data is present or missing. Empty fields are not stored, and the size of each encrypted bundle is directly proportional to the size of the plaintext data. It may be possible to determine that detailed information about an individual is stored, and therefore that history exists. From a large record size someone may, correctly or otherwise, infer that negative data is present. The actual contents of the data, of course, remain secure.
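The per-record scheme described above, and the size leak noted in the previous paragraph, as an added example that is not VSys code. The page specifies only a random 192-bit AES key wrapped with RSA and prepended; RSA-2048 with OAEP, AES in GCM mode, the byte layout and all function names here are assumptions.

```javascript
// Added illustration, not VSys code. Assumed: RSA-2048 with OAEP/SHA-256 and
// AES-192-GCM. The page states only "random 192-bit AES key, wrapped with RSA".
const nodeCrypto = require("crypto");

const RSA_BITS = 2048;              // assumed modulus size
const WRAPPED_LEN = RSA_BITS / 8;   // an RSA ciphertext is as long as the modulus
const IV_LEN = 12, TAG_LEN = 16;    // GCM nonce and authentication tag sizes

// Encrypt one record: fresh AES key, data under AES, AES key under RSA, key prepended.
function sealRecord(publicKey, plaintext) {
  const aesKey = nodeCrypto.randomBytes(24);   // 192 bits, used for this record only
  const iv = nodeCrypto.randomBytes(IV_LEN);
  const cipher = nodeCrypto.createCipheriv("aes-192-gcm", aesKey, iv);
  const body = Buffer.concat([cipher.update(plaintext), cipher.final()]);
  const wrapped = nodeCrypto.publicEncrypt(
    { key: publicKey, padding: nodeCrypto.constants.RSA_PKCS1_OAEP_PADDING, oaepHash: "sha256" },
    aesKey);
  return Buffer.concat([wrapped, iv, cipher.getAuthTag(), body]);
}

// Decrypt one record: one RSA private-key operation, then AES over the rest.
function openRecord(privateKey, bundle) {
  const ivAt = WRAPPED_LEN, tagAt = ivAt + IV_LEN, bodyAt = tagAt + TAG_LEN;
  const wrapped = bundle.subarray(0, ivAt);
  const iv = bundle.subarray(ivAt, tagAt);
  const tag = bundle.subarray(tagAt, bodyAt);
  const aesKey = nodeCrypto.privateDecrypt(
    { key: privateKey, padding: nodeCrypto.constants.RSA_PKCS1_OAEP_PADDING, oaepHash: "sha256" },
    wrapped);
  const decipher = nodeCrypto.createDecipheriv("aes-192-gcm", aesKey, iv);
  decipher.setAuthTag(tag);
  return Buffer.concat([decipher.update(bundle.subarray(bodyAt)), decipher.final()]);
}

// What someone holding only the stored bundle learns: plaintext length, not content.
function inferredPlaintextLength(bundle) {
  return bundle.length - WRAPPED_LEN - IV_LEN - TAG_LEN;
}

const { publicKey, privateKey } = nodeCrypto.generateKeyPairSync("rsa", { modulusLength: RSA_BITS });
// Constructed sample records: one with an empty notes field, one with a long one.
const shortRec = Buffer.from("notes=");
const longRec = Buffer.from("notes=" + "x".repeat(400));
const sealedShort = sealRecord(publicKey, shortRec);
const sealedLong = sealRecord(publicKey, longRec);
console.log("round trip ok:", openRecord(privateKey, sealedLong).equals(longRec));
console.log("lengths visible without the key:", inferredPlaintextLength(sealedShort), inferredPlaintextLength(sealedLong));
```

The fixed overhead per bundle is the wrapped key plus nonce and tag, so the difference in stored size between two records equals the difference in their plaintext sizes.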

User passphrases

The user's passphrases are never stored in VSys or in the keys themselves. User key passphrases can be changed on individual keys, but only by the user, or by someone who knows that user's passphrase. If the passphrase is lost, generate a new user key from scratch. No data is lost in this process, since the user key is derived from the master key.
