Cryptoshop Help! Cryptoshop Contact! Cryptoshop Memo! Cryptoshop Shopping Cart! Place your order! Change to german site!
+ Products
· · · · · · · · · · · · · · · · · · · · · · ·
+ Solution
· · · · · · · · · · · · · · · · · · · · · · ·
+ Knowledge Base
· · · · · · · · · · · · · · · · · · · · · · ·
+ Service
· · · · · · · · · · · · · · · · · · · · · · ·
     
Management
· · · · · · · · · · · · · · · · · · · · · · ·
Security Officer
· · · · · · · · · · · · · · · · · · · · · · ·
System Engineer
· · · · · · · · · · · · · · · · · · · · · · ·
Purchasing
· · · · · · · · · · · · · · · · · · · · · · ·
Maintenance
· · · · · · · · · · · · · · · · · · · · · · ·
 
 

Security on Cryptoshop.com
 

Securing your personal data
At the end of the order workflow, you are getting into the secured area of cryptoshop.com, where your personal and payment data is to put in. You can recognize this on a closed lock symbol in your browser (lower edge in the IE). Your data is sent encrypted and nobody can eavesdrop ist.

Encrypted Connection with SSL
For sending sensitive information (like personal or credit card data) over open networks it is necessary to encrypt this data. But a encrypted connection is worthless if you do not know, who is on the other side of the connection. For this reason the webserver has to be authenticated. Browser connections are secured easiest with SSL (https - HTTP over SSL) which warrants confidentiality and authenticity.

SSL is using hybride encryption, because encrypted connections work most efficient with symmetric algorithms (3DES, AES,..), but the transfer of the secret key is done by asymmetric algorithms (RSA, DH,..). The identity of the webserver which belongs to the public key is certified by a certification authority (SSL-Certificate).


In the above figure you can see how a SSL - connection is established - open in an own window .

SSL-Steps
By requesting a secured web page the server certificate to the public key is also requested
The server sends his certificate still unencrypted - the browser validates the certificate (with certificate chain and revocation lists)
The browser sends now the session secrets to the server - this message is encrypted with the public key of the server.
The server is decrypting this message with his private key and obtains the right session secrets in this way. The browser recognize that the webserver truly has the private key, when the server is using the right session secrets.


Browser configuration
Your browser should support high encryption (128 Bit) and should have installed the newest security patches.

In advanced Internet-Optionen you should have activated the following items

- check for publishers certificate revocation
- check for server certificate revocation
- do not save encrypted pages to disk
- use SSL3.0
- use TLS 1.0
- warn if forms submittal is being redirected
- warn about invalid site certificates.

but deaktivate - use SSL2.0



SSL - TLS


Cryptography


Symmetric


Asymmetric


Certificates


Authentication with PKI


Back to previous page!Top of page!To the startpage of Cryptoshop.com!
Read news from this industry!
  Read the News from this industry sector!  
  · · · · · · · · · · · · · · · · · · · · · · · · · · · ·  
  News from all over the world  
 
Germany
Austria
Europe
Manufacturer
Market data
 
 
  Special offer of the month!  
  Cryptoshop Bundles!  
 
  SSL - TLS  
  Symmetric  
  Asymmetric  
  certificate formats  
 
Legal notice Terms and Condtitions Consumer notice Privacy Newsletter Copyright © 2004 CRYPTAS. All rights reserved