How secure is SYNCING.NET?

SYNCING.NET is a high-secure peer-to-peer system. Only you and other invited members can view or access the data in your "Sync Folder" or "Outlook Group" . SYNCING.NET encrypts all files and messages exchanged to ensure user's privacy. All communication on SYNCING.NET is authenticated via RSA and additionally encrypted via AES.

How it works in detail?

At the beginning of each session, the sending peer (peer A) signs the header of a special communication packet with its private 1024-bit RSA key, encrypts it with the public key of destination peer, and sends this authentication packet to the destination peer (or to the server). The destination peer (peer B) can decrypt the header with its private key, and verify the RSA header came from the right peer (and was not modified in transit) using the sending peer's public key. The public keys are stored on the server and accessible by all peers in the same network.

After verifying the connection came from the right peer (messages from unknown peers are just ignored), peer B sends a 256-bit AES session key to peer A. This session key is also RSA encrypted using peer's A public key. If a wrong peer (e.g. a middle man attack) receives the data, it can't decrypt the RSA data containing the session key without the private key of the destination peer.

All data transmitted between both peers during this session is encrypted and decrypted using the 256-bit AES session key (end-to-end encryption). The key expires when the session ends. Each following session uses another key generated as described above.

Neither SYNCING.NET Technologies nor other peers that are not in the same network are able to decrypt the data, as they don't know the secret session key!

The reason for this double keying (AES + RSA) is that AES symmetric encryption/decryption is fast, so it is used for the bulk of the transfer. However, the same (symmetric) key needs to be known to both peers exchanging the data. RSA 1024-bit encryption/decryption algorithm uses a public/private key pair and it is very strong/secure but also slow and CPU-intensive, so SYNCING.NET only sends a small amount of data – the 32-byte AES session key (32 bytes = 256 bits) and the peer unique ID – using RSA-1024.