Cryptography is a race. Cryptographers need to always figure out better algorithms as the “bad guys” are figuring out smarter/faster ways to break them. Thankfully, cryptographers are way ahead and, at Privowny, we leverage the best technologies to make sure we always stay several moves ahead of a possible hack. This is why we keep upgrading our security protocols and algorithms and will keep doing so on a regular basis.
Digital ID uses both asymmetric (RSA) and symmetric (AES) encryption algorithms with well-established protocols to enhance security.
Digital ID initially used RSA 1024-bit encryption to encrypt users’ data. RSA-1024 keys have 1,024 bits (309 decimal digits). To keep our promise to our users and offer the best available data protection, Digital ID regularly upgrades the strength of the encryption keys used (for instance, passing from keys 1024 bits long to keys 2048 bits long).
Doubling key strength delivers an exponential increase in protection since encryption strength is directly tied to key size.*
As always, in addition to staying on top of cryptography algorithms, Privowny works hard to refine its security architecture, protocols, and best practices. We are as committed as ever to stick to our high standards.
What to do to benefit from these upgrades
When users create an account, they, of course, benefit from the latest security protocols available at the time.
When an upgrade is rolled out, users are informed by email so that they can take the necessary steps to migrate their data from the “Security upgrades” tab in their My Account page:
- Users are asked to enter their Master Key
- All previously encrypted data (including passwords) is decrypted and prepared for migration
- All data is then re-encrypted using a new set of encryption keys generated with the updated algorithm
- That’s it: users can then enjoy extra security for all their data!
If the process is interrupted at any time or an error occurs, the data is re-encrypted with the previous encryption keys. Users can keep using Digital ID as usual until they complete the security upgrade successfully.
For the simply curious: https://en.wikipedia.org/wiki/RSA_(cryptosystem)