DICA Technologies AG * www.dica.de * 10.04.23 1

DICA Scrypt-Guard

Mail Encryptor ScryptMan Admin Interface

DICA Technologies AG * www.dica.de * 10.04.23 2

DICA Scrypt-Guard™ Mail EncryptorFunction and Features

Secures E-mail traffic over the Internet

• Authentication between DICA Secure Domains

• Digital signature of E-mails

• Anonymity of the E-mail sender and addressee

• E-mail encryption including all attachments

DICA Technologies AG * www.dica.de * 10.04.23 3

@DICA Scrypt-Guard™ Mail EncryptorBenefits

Simple secure E-mail communications between all company locations as well as between non-affiliated businesses

• Easy to install in existing network environment (Domain)

• Simple scalability

• No changes in user applications

• Unlimited number of users

• Unlimited worldwide usage

DICA Technologies AG * www.dica.de * 10.04.23 4

DICA Scrypt-Guard™ Mail EncryptorSimple Scalability

• No adaptations are needed in domains equipped with DICA Scrypt-Guard™ devices, in case a new domain is equipped with the DICA Scrypt-Guard™ or with a D/SM™ compatible system

• A newly installed DICA Scrypt-Guard™ automa-tically learns about other domains equipped with DICA Scrypt-Guard™ by means of the E-mail traffic between them

DICA Technologies AG * www.dica.de * 10.04.23 5

DICA Scrypt-Guard™ Mail EncryptorFeatures 1

• Authentication between DICA Scrypt-Guard™ devices based on Certificates => Protection against false identity

• Digital signature based on Group Key for Domain => Protection against manipulation

• Strong encryption of whole E-mail content incl. all attachments => Protection against Breach of Confidentiality and

Eaves Dropping

DICA Technologies AG * www.dica.de * 10.04.23 6

Web Browser Administration Interface for Scrypt-Guard

DICA Scrypt-Guard™ Mail EncryptorScryptMan

DICA Technologies AG * www.dica.de * 10.04.23 7

Domain Security Services (2)Scrypt-Guard Security Policies

Default Security PolicyPre-defined Policy, no administration tasks

Company Security PolicyCompany adapted Policy, easy to set with the help of ScryptMan

Web Browser Interface (e.g. Closed Domain Groups)

Personal Security Policy (planned)Per Mail based Policy for the single user (e.g. Mail

Acknowledgement)

DICA Technologies AG * www.dica.de * 10.04.23 8

• The user LAN with mail server and external router/firewall already exists.

InternetMail Server

• The DICA Scrypt-Guard™ will be placed between mail server and its LAN interface.

Router/Firewall

DICA Scrypt-Guard™

Transparent On the Fly Encryption (1)

No Mail Proxy

No IP Host

DICA Technologies AG * www.dica.de * 10.04.23 9

Digital Signature and Strong Encryption

New Header

Public KeyPartner

Session Key

EncryptedSession Key

EncryptedOrig. Header

Original Mail Header

Session Key

Mail Text with Signum

Encrypted Mail Text with Signum

Session Key

Original Mail Header

(Compressed) Mail Text

Optional Text Compression

Signum

Create Digital Signature

Original Mail Text

Transparent On the Fly Encryption (3)

DICA Technologies AG * www.dica.de * 10.04.23 10

The Decryption Process

New Header EncryptedSession Key

Session Key

Private Key

EncryptedOrig. Header

Encrypted Mail Text with Signum

(Compressed)Mail Text

Original Mail Header

Session Key Session Key

NewSignum

Original Mail Header Original Mail Text

Optional Text Decompression

Signum

?

Transparent On the Fly Encryption (4)

DICA Technologies AG * www.dica.de * 10.04.23 11

Public Key Infrastructure (1)

Key Pair Generation : decentral

Registration Authority : decentral

Certificate Authority : DICA Technologies

Certificate Type : Group Certificate

Certificate Format : X.509 v.3

Personal Security Environment: Software (first version)

Hardware

Key Distribution System : E-Mail Infrastructure

Certificate Directory : Web (planned)

Certificate Revocation List : Web (planned)

Infrastructure for DICA Public Key Encryption

DICA Technologies AG * www.dica.de * 10.04.23 12

ScryptGuard is DifferentCompare and Decide about ScryptGuard

Product class Remarks vs. ScryptGuard

Client based software

Installation on each client User must initiate and decide about which Email is to be encrypted Licence per client

No installation on clients

Full automatic Email-encryption No Client licences

Server based software

High efforts in administration and maintanance client/server licences

No administration and maintanance efforts No licences

VPN High threshold value for investment High efforts in administration and maintanance

Cheap No administration and maintanance required

DICA Technologies AG * www.dica.de * 10.04.23 13

Organisation AOrganisation B

Open E-Mails

Signing open E-Mail with inDICAtor

Recognizing inDICAtor by B

Secured E-Mails

. . . .

.

Public Key APublic Key B

Public Key Infrastructure (2)Key Distribution