How secure email works

Security is fast becoming one of the differentiating factor between the multitude of apps coming out. Consumer is also getting aware about the perils of readily available connectivity and the lack of privacy it comes with.

Lack of security in messaging is not for the lack of tools, but for the lack of ease of use for the end user. So, the seamless integration of security features becomes very important.

What is Encryption?

encryption is the process of encoding messages or information in such a way that only authorised parties can read it. Encryption does not of itself prevent interception, but denies the message content to the interceptor.

There are 2 types of encryption based on the key.

1. Symmetric Encryption
   In symmetric-key schemes, the encryption and decryption keys are the same. Thus communicating parties must have the same key before they can achieve secret communication.
2. Public Key Encryption
   In public-key encryption schemes, the encryption key is published for anyone to use and encrypt messages. However, only the receiving party has access to the decryption key that enables messages to be read.
   
   

Uses of Encryption

Encryption can be used to:

1. Preserve the confidentiality of the message.
2. Validate the integrity of the message.

How does it works

Symmetric encryption has it inherent issues, As the key being used is common, and has to be shared between the users, the key itself can be compromised. 

Hence "Public key encryption" is more widely used.

Public Key Encryption:

Preserving the confidentiality of the message:

There should be a common location where the public keys for all the users are stored and which is accessible for everybody.

When sending a message to a contact app will access the public key of the contact to whom the message is being sent. The content of the message will then be encrypted with the retrieved key.

When the intended recipient gets the message, the app will open the message and using the private key of the recipient (User will have to create a key pair to enable encryption feature) will decrypt the message and display it as plaintext.

Validating the integrity of the message

The above process makes sure the message is confidential but we still cannot authenticate the sender's identity. The solution for this issue is:

Before sending the message, the app will first encrypt the message using the public key of the recipient (as described in the previous point), then the app will use the private key of the sender to re-encrypt the cipher text generated from the previous step.

When the recipient receives the message, the app will now first use the senders public key to decrypt the message, this will ensure that the message sender is authenticated.

Then the app will proceed with the steps laid out in the previous step to decrypt again to get the message in plaintext.

Conclusion:

Hopefully this laid down the basics of how things work, we will continue the series on the tools and techniques used to secure your communication.

My thoughts on Swift - Apple's new programming language

Hi,

I have been dabbling in Swift, the new programming language Apple introduced in WWDC 14. It won't replace Objective-C anytime soon, as the code base of the existing apps is too large to shift over to Swift, And Swift does not add anything new, feature wise atleast, to the iOS platform.

As we all know that Objective-c is a very old language, an object oriented take with C as its base. It was missing many of the new programming paradigms, Swift took language ideas "from Objective-C, Rust, Haskell, Ruby, Python, C#, CLU, and far too many others to list".

What Swift does is, it lowers the barrier of entry for the new developers to the iOS universe, developers with experience with languages like javascript etc, can now easily learn Swift and being with native development.

As comfortable as I am with Objective-c now, it's syntax is arcane and harder to grasp, which make the learning curve steep for the new developers wanting to start with iOS/Mac development.

As many of you might know, Google also released a new language "Go", but it's acceptance has been minimal, google didn't push hard enough. On the other hand Apple has provided all the existing Cocoa / Cocoa touch frameworks to be used with Swift. This can just be the incentive required for widespread adoption of Swift.

Elysium - Movie Review

Hi,

Saw Elysium today, Matt Damon plays the protagonist in this one. I am a sci-fi fan, and Matt Damon is a good enough actor to sit up and notice when his movies come out.

What I didn't know was that the movie is written and directed by Neil Blomkamp, who also happens to be the director of District 9, one of my favourite sic-fi. Needless to say I had big expectations from Elysium. And I was not disappointed. This movie has heart, you can see the city of LA transform into a wasteland, which due to overpopulation and increasing pollution can be a possibility.

The tech shown is a bit too advanced, but today's imaginations are tomorrow's inventions.
Movie starts slow, stressing the human factor in a sic-fi setting, same as the director's previous movie.
You can relate to the characters, feel the desolation and restlessness. There is the resistive faction too but the resistance movement is not too stressed upon.

The theme of the movie can be related to the recent Occupy movement, which stressed on the fact that majority of the wealth is concentrated with the 1% of the population.

To keep it short and not providing any more spoilers, If you liked District 9, go ahead and watch Elysium, though not as promising as District 9, this one is worth watching.

Regards,
Ishan

Security Over The Internet : How Secure Are You?

Hi,

From the past few months the world has been in a frenzy over the revelations made by Edward Snowden. Though it just reaffirmed what most of the people were already expecting. But the enormity of the surveillance has blown the roof out.

The American electronic surveillance agency, the NSA, once ironically referred to as "No Such Agency", not only spies on the American citizen, they also have their tentacles deep into other nations communications, even covering the state heads of the so called American allies.

One of the most commonly given argument is that , "If you have nothing to hide, you should not be afraid of somebody listening on to you". This is complete non sense. Every body has their own private life and have full right to decide what they want to share and what not. The information being generated by you is owned by you. Nobody has the right to take that information without your consent.

Through some of the off the shelf software, which many of the governments, including our own Indian government, has purchased, Anybody can listen in to your communication, have access to your data, even Remotely activate your web cam. This is a serious breach of your rights.

Through a series of articles, as I keep learning myself, I will try to bring to light some of the most basic day to day things that you can do to keep your self safe and keep the intruders out.

Stay tuned.

Regards,
Ishan 

Book review: Counting from zero

Hi Folks,

I am an avid reader, and reading is a very good hobby to have.

So I have decided to start sharing the books I have recently read and what I think about them.

So on this note, Today I am going to talk about a book called "Counting from zero".

Author of this book is Alan B. Johnston, he is the author of ZRTP, VOIP security protocol. So, I had big hopes from this book. Throughout this book, there are numerous technical references, lots of security details. needless to say, I loved it.

The plot in Counting from Zero was gripping. The protagonist travelled all over the world and Mr. Johnston did an exceptional job of painting a detailed portrait of each location in which a convention was held, especially Las Vegas. The nuts and bolts of the story are propelled along by entries into Mick's security blog that fill in the technical details of the plot.

Any body interested in security, encryption and tech in general will like it.

So, go ahead, if the details I shared interested you, go ahead and enjoy the text.

Regards,

Ishan Malviya

iOS Core Animation - Advanced Reading

Hi All,

iOS has a very fluid and structured animation stack, the frameworks involved are clear and approachable. But most of the contents you will come across shows you the basics of animation, like moving a block from location to another, or hiding/unhiding some container. 

Beyond that the only option you have is to dig deep into the Core Animation Guide from apple or scrape the internet for some tutorial.

Recently I was just going through the Amazon's Kindle books and found a promising prospect, iOS Core Animation: Advanced Techniques, This book seems to have raised the game. I am going through the book right now and it seems promising.

For now, If you want, create an account on amazon and you can read the sample chapters for free, decide for yourself.

Will provide more detailed thoughts on the book once I am done with it.

Till then, Happy learning.

Regards,

Ishan Malviya

Gravity - Movie Review

Hi All,

Just saw the movie Gravity, and I must say, the visuals are stunning. Better to watch this one in 3D.
This movie comes in the category of Apollo 13, Which was another master piece.

Don't expect it to be a thriller like Alien series. This one is not a fast paced thriller. The movie takes its own sweet time to unfold, but in the end enthrals you with its enormity.

This movie is about overcoming the fear and adversity (There is a lot of it), and triumphing.

So, what are you waiting for, go watch this one.

Regards,
Ishan Malviya