FileAssurity - Introduction

FAOPGP Lite Introduction

Overview

FAOPGP is a file encryption and digital signature application that enables you to safely store, send and delete files. You can protect files and store them on any media (local, network, removable drives - including CDR and CDRW drives, web servers) or share them securely with others.

You can encrypt, sign, decrypt, and verify single files, multiple files, or folders, in a single click and any type of file can be encrypted and/or signed, regardless of its file extension. Protected files can be automatically sent by e-mail.

FAOPGP automatically compresses every file before protecting it enabling you to store and send even smaller secured files. Multiple files/folders can also be stored in a single archive (.zip file). FAOPGP uses similar compression ratios to WinZip - a FAOPGP to WinZip comparison chart can be found on our web site. (Note: some files cannot be compressed any further, for example, .pdf, .gif, .jpg, .mpg).

Files are protected using the US approved algorithm AES at its strongest setting (256 bit). Information on the AES algorithm can be found on the ArticSoft web site. NOTE : For PGP 5.x and 6.x recipients the encryption algorithm and key length used is that specified in their public key.

File Encryption
FAOPGP ensures the confidentiality of your files by using encryption. Encryption scrambles the file contents so that they are no longer readable in their original format. Only those users that have the correct keys can decrypt and view the original files.

FAOPGP is much more secure than password mechanisms as the key needed to decrypt your files never leaves your PC. If someone wants to encrypt files for you then you supply them with a key that can only be used for this purpose (this key can be generated in FAOPGP or obtained from a Certificate Authority). Decryption of files can only take place on your computer as only you posess the correct key for this purpose. More information on file encryption can be found on our web site.

Digital Signatures
You may want to digitally sign information for two reasons. Firstly to check whether a file has been tampered with. When you sign a file FAOPGP creates and attaches to the file a unique value that is based on the contents of the file. When FAOPGP is asked to check that a file has not changed it calculates the value of the contents and compares it to the original calculated value. If as little as 1 bit of data in that file changes then the calculations do not match and you are warned that the file has been altered.

Secondly, recipients of signed files may want to check who signed the files. FAOPGP checks the signature received against a list of trusted authorities that vouch for the identity of the signature's owner.

Secure File Deletion
Normally files are not removed completely from a disk when you delete them. It is possible for others to read them using various utilities that are widely available.

If you want to be certain that this cannot happen, you can use FAOPGP's Secure Delete facility. This writes data over the unprotected file multiple times (complying with the US DOD standard 5220.22-M) and then removes the file, making recovery of the file impossible. In fact FAOPGP's Secure Delete facility writes over your files 15 times (6 times more than that required for US DOD compliance). In addition, FAOPGP uses extra protection mechanisms to ensure dedicated file recovery utilities - for example, File Scavenger - cannot recover your files.

Secure E-mail
FAOPGP lets you send secure message attachments regardless of the e-mail client you or your recipients are using. You can protect and send emails in one simple process - FAOPGP automatically opens your default mail client with the protected file(s) attached and the email address already filled in using the certificates of the people you have encrypted files for.

Space Saving compression
FAOPGP automatically compresses each file that you protect ensuring minimum disk space is used. FAOPGP uses compression comparible to WinZip.

Key Manager
FAOPGP's integrated key manager lets you import, export and generate OpenPGP and PKI compatible certificates and keys.

Generation of x.509 and OpenPGP compliant 2048-4096 bit RSA certificates/keys and OpenPGP compliant DH/DSS 2048-4096/1024 bit keys.

Import of x.509 certificates/keys from any Certificate Authority (CA) and the import of OpenPGP keys and keyrings (PGP v5 and above).

Export of x.509 and OpenPGP keys.

Key management facilities include backup and restore of your keystore, key deletion and keystore password change. Its unique Trusted Authorities list automatically recognizes keys signed by all the common Certificate Authorities so there is no need to import root certificates.

Simple to use
You can encrypt, sign, decrypt, verify and email single files, multiple files, archives, or folders, in a single click! Just select your files, choose who you want to protect them for and if you want to sign them, and then press the 'Protect' button. Your files are now protected. You can specify where you want to save protected files and whether you want to overwrite existing files. Yours and other people's keys can be easily added to the system using key manager. There is no need to worry about what encryption algorithm you should use or validation of root certificates.

FAOPGP Reader
ArticSoft provide free reader software so you can send information to others without them having to purchase FAOPGP. The free reader software is available for download from the ArticSoft web site - www.articsoft.com. It supports the generation, import, export, backup and restore of keys, and decryption and verification of FAOPGP OpenPGP and PGP (v5 and above) protected files. The free reader software does not support the encryption, signing or secure deletion of files or integration with Windows Explorer.

ArticSoft does not support self-decrypting exe files as this is a weaker mechanism that is open to password attacks.

Full OpenPGP compatiblity
Files protected by FAOPGP can be read by any OpenPGP compliant product including PGP v5.x+. FAOPGP can also read files sent by any OpenPGP compliant product including PGP v5.x+.

Information on PKI, Signatures & Certificates
FAOPGP is fully PKI-enabled and lets you generate your own keys and certificates or you can import them from all the major Certificate Authorities (CAs). For more information on PKI please read 'An Introduction to PKI' available from the ArticSoft web site. Information on Signatures and Certificates is also available from our web site.