SSLPost Technical Overview

The following process provides a detailed end-to-end walkthrough of the SSLPost secure document delivery solution. The example outlined below is that of the SSLPost recorded email delivery (HTML Attachment) method, which ensures end-to-end encryption and maximum security:


Step 1: Composing the message (client side)

The sender logs into their SSLPost online account, composes a new secure message, and chooses their recipient email address.

Step 2: Encrypting the message with session key (server side)

Once the sender hits the send button, the message is encrypted with a unique random 256 bit AES session key on the SSLPost secure servers.

Step 3: Encrypting the session key (server side)

The session key is then encrypted with the recipient's public 2048 bit RSA key.

Step 4: Encrypting the public RSA key (server side)

The result is then encrypted with a 256 bit seal key which is used to track access to the data if the recipient's private key is held client side.

Step 5: Creating message hash value (server side)

A hash value of the message is calculated and signed with the sender's private RSA key.

Step 6: Sending encrypted email to recipient (client side)

A standard internet email is created with a standard HTML form attached containing:

  • The recipient's details
  • The encrypted message data
  • The encrypted session key
  • An SHA 1 hash value of the message
  • The signature

Step 7: Opening of encrypted email by recipient (client side)

The recipient receives the email and opens the HTML form attachment. They click the open message button and the information in the message is sent to the SSLPost server for decryption.

Step 8: Checking integrity of encrypted email (server side)

The message is checked against the hash value using the sender's public RSA key and, if it matches, the recipient is prompted to enter their password to decrypt the secure message contents.

Step 9: Recipient credential validation (server side)

The server validates the password entered, retrieves the seal key to decrypt the sealed, RSA-encrypted session key, and then uses the 2048 bit RSA key to decrypt that result and obtain the 256 bit AES session key.

Step 10: Decryption & delivery of secure message to recipient (client side)

The session key is used to decrypt the message data, which is returned to the recipient's web browser via a secure SSL link.
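
The layering in steps 2 to 5 and its reversal in steps 8 to 10, written out with Node.js's built-in crypto module. This is an added example, not SSLPost's code: the AES-256-GCM mode, RSA-OAEP padding, SHA-256 in place of the SHA 1 hash listed in step 6, signing the encrypted message data (so that step 8 can check it before decryption), and all function names are assumptions.

```javascript
// Added example. Assumptions not on the page: AES-256-GCM, RSA-OAEP, SHA-256 signature over the ciphertext.
const crypto = require('node:crypto');
const oaep = (key) => ({ key, padding: crypto.constants.RSA_PKCS1_OAEP_PADDING, oaepHash: 'sha256' });

// AES-256-GCM helpers; blob layout is iv (12 bytes) || auth tag (16 bytes) || ciphertext.
function aesSeal(key, plaintext) {
  const iv = crypto.randomBytes(12);
  const cipher = crypto.createCipheriv('aes-256-gcm', key, iv);
  const body = Buffer.concat([cipher.update(plaintext), cipher.final()]);
  return Buffer.concat([iv, cipher.getAuthTag(), body]);
}
function aesOpen(key, blob) {
  const decipher = crypto.createDecipheriv('aes-256-gcm', key, blob.subarray(0, 12));
  decipher.setAuthTag(blob.subarray(12, 28));
  return Buffer.concat([decipher.update(blob.subarray(28)), decipher.final()]); // throws on wrong key or modified data
}

// Steps 2-5: build the fields carried in the HTML form attachment.
function buildEnvelope(message, recipientPublicKey, senderPrivateKey, sealKey) {
  const sessionKey = crypto.randomBytes(32);                                    // step 2: 256 bit session key
  const encryptedMessage = aesSeal(sessionKey, Buffer.from(message, 'utf8'));
  const rsaWrapped = crypto.publicEncrypt(oaep(recipientPublicKey), sessionKey); // step 3: RSA layer
  const encryptedSessionKey = aesSeal(sealKey, rsaWrapped);                     // step 4: seal layer
  const signature = crypto.sign('sha256', encryptedMessage, senderPrivateKey);  // step 5: hash and sign
  return { encryptedMessage, encryptedSessionKey, signature };
}

// Steps 8-10: verify first, then remove the seal layer, the RSA layer and the AES layer.
function openEnvelope(env, senderPublicKey, recipientPrivateKey, sealKey) {
  if (!crypto.verify('sha256', env.encryptedMessage, senderPublicKey, env.signature)) {
    throw new Error('integrity check failed');                                  // step 8
  }
  const rsaWrapped = aesOpen(sealKey, env.encryptedSessionKey);                 // step 9
  const sessionKey = crypto.privateDecrypt(oaep(recipientPrivateKey), rsaWrapped);
  return aesOpen(sessionKey, env.encryptedMessage).toString('utf8');            // step 10
}

// Constructed keys and message, generated locally for the demonstration.
function demo() {
  const gen = () => crypto.generateKeyPairSync('rsa', { modulusLength: 2048 });
  const sender = gen(), recipient = gen(), sealKey = crypto.randomBytes(32);
  const env = buildEnvelope('Payslip for March', recipient.publicKey, sender.privateKey, sealKey);
  const opened = openEnvelope(env, sender.publicKey, recipient.privateKey, sealKey);
  const fails = (fn) => { try { fn(); return false; } catch { return true; } };
  const wrongSealRejected = fails(() => openEnvelope(env, sender.publicKey, recipient.privateKey, crypto.randomBytes(32)));
  env.encryptedMessage[30] ^= 1; // one ciphertext bit changed after signing
  const tamperRejected = fails(() => openEnvelope(env, sender.publicKey, recipient.privateKey, sealKey));
  return { opened, wrongSealRejected, tamperRejected };
}
console.log(demo());
```

The wrong-seal-key case shows why step 4 lets the server track access: without the server-held seal key, the RSA-encrypted session key cannot be recovered even by the holder of the recipient's private key.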


Download this SSLPost overview diagram as a PDF document: sslpost_how_it_works.pdf
