




Automated encryption

One of the major difficulties of current cryptosystems, including PKI, lies in administering and sharing encryption keys. We have also observed a lack of interoperability between encryption protocols. Most often, this incompatibility stems from the implementation of the protocol and not from its mathematical foundations. One example would be asymmetric protocols such as PGP, GPG and RSA. ETSEM technology offers a line of standard asymmetric and symmetric cryptographic protocols that enable the user to choose the encryption technique adapted to their specific needs. For all practical purposes, this technology favors a strong cryptographic protocol for storing data and a light encryption for data flow. In order to optimize calculation times, these encryptions are made using a symmetric key. The size and type of its protocol vary depending upon the security situation originally chosen: RSA 1024/2048/4096-bit, Triple-DES 192-bit (3x64), AES 128/256-bit or SHA-2 512-bit.

A system with a wide range of certificates

ETSEM technology is based upon a unique system of dynamic certificates that are simple to implement and ensure the secure use of ETSEM’s cryptosystem. There are three principal dynamic digital certificates: the Private Digital Certificate (CePR), the Negotiated Digital Certificate (CeNE) and the Independent Security Policy Digital Certificate (CePS).

The CePR holds all of the data relative to an owner, notably the cryptosystem parameters defined by the user as well as the declarative and authentication information that this user has saved. Please note that the identity of a CePR bearer can be reinforced, as required, by importing an X.509 certificate delivered by a trusted Certification Authority (CA). This private digital certificate is kept secret by ETSEM technology and can only be interrogated by the user that owns it, after they are authenticated. With a CePR, the user can securely manage the confidentiality of their data, whether it is flat files, data flow or information saved in a database.

To control the transfer of their data, the user owning a CePR will define a CePS generated using dynamic and contextual circulation (defining the context, duration, geography, and provisions), uniquely applicable to the CePR.

The CeNE is used by ETSEM technology to associate two or more private digital certificates within the framework of a large and reciprocal exchange of data between users. Each of the entities recorded in the CeNE will possess their own CePS, thus defining the security and authorization parameters for incoming/outgoing data flow from or to their respective information systems.

A downloadable digital process for data and data flow

ETSEM technology possesses two distinct data formats for different uses: (i) a format specific to stored data; (ii) a format specific to data flow.
The data is entirely encrypted and authenticated. Permanent monitoring of data and metadata integrity is applied to the formats, as is universal timestamping of data history. The formats of this technology systematically load information relative to the sender’s and receiver’s authentication by affixing their respective electronic signatures to the verification fields intended for this purpose. ETSEM technology formats have embedded digital index bundles enabling the user to control the data’s authenticated traceability at any time.