This article contains an overview of Virgil Security products and tips on how to best use them.
Virgil Security is a stack of security libraries and all the necessary infrastructure to enable seamless, end-to-end encryption for any application, platform or device. In a few simple steps you can encrypt communication, securely store data, provide passwordless login, and ensure data integrity.
Virgil Security has everything from libraries to services to help you immediately start building end-to-end secure digital solutions to comply with regulations like HIPAA, GDPR and more in the easiest way possible.
Let's take a look at what we provide and how it can be used.
The Crypto Library:
- is open-source;
- is written in C++ programming language;
- is suitable for mobile, desktop and web platforms;
- supports bindings with the following programming languages: Go, PHP, Python, Ruby, Java, C#, AsmJS, NodeJS, WebAssembly. Swift/Objective_C can use the Crypto Library directly;
- has special wrappers for simplifying Crypto Library implementation: Go, Objective-C/Swift, C#/.NET, Ruby, Python, PHP, JS.
- communicate with Virgil Cards Service;
- manage users' Public Keys;
- store Private Keys in secure local storage;
- use Virgil Crypto Library.
Virgil also provides developers with Key Management and Services to store and manage user Cards with Public Keys and associated information.
- Virgil Cards Service is responsible for the Virgil Card entries management. The main purpose of the Virgil Card entry is to store a user's Public Key with an optional identity which is issued on the application developer's side.
- PFS Service is a standalone web service dedicated to managing OTC and LTC Cards used to solve a Perfect Forward Secrecy scenario.
In order to make your users' passwords "breach-proof" and make your Private Key usage more comfortable Virgil Security provides an SDK which allows you to communicate with Virgil Pythia Service and implement Pythia protocol for the following use cases:
- Breach-proof password. Pythia is a technology that gives you a new, more secure mechanism that "breach-proofs" user passwords and lessens the security risks associated with weak passwords by providing cryptographic leverage for the defender (by eliminating offline password cracking attacks), detection for online attacks, and key rotation to recover from stolen password databases.
- BrainKey. User's Private Key which is based on user's password. BrainKey can be easily restored and is resistant to online and offline attacks.
In both cases you get the mechanism which assures you that neither Virgil nor attackers know anything about user's password.
We care about developers and give them a convenient dashboard where they can:
- create and manage their Applications
- generate API Keys
- see Application statistics.
Not everything in the world of networking revolves around web browsers. There are many situations where TLS (Transport Layer Security) is overkill or simply not applicable. For example, in IoT (Internet of Things) implementing the full TLS stack is a challenge because of code size, CPU constraints, the number of TLS features a developer must support, and the complexity of provisioning devices during manufacturing.
Virgil has it's own open-source protocol which is called Noise Socket that lets developers encrypt any and all TCP connections and achieve end-to-end security.
If you have any questions on these just let us know!
Take a look at our next article to find out about how you can use Virgil products in order to make data in your digital solution completely protected.