Keeper – The Only Enterprise Password Manager to Use Elliptic Curve Cryptography
The Reno Agency team keeps our client data as well as our agency data secure in many ways. One of the tools we use is Keeper and here’s a recent article they wrote on Single Sign On (used by our team when they log into their computers via Microsoft using multi-factor authentication) and why they is a benefit for Reno.
Keeper’s Enterprise Password Manager is the only solution that uses Elliptic Curve Cryptography (ECC) in its encryption, making it the most secure password management solution available.
ECC is a public-key cryptography method based on the mathematics of elliptic curves. First proposed in 1985, it recently rose to prominence with modern cryptography as it provides a higher level of security compared to traditional encryption methods, such as RSA.
Considered by the InfoSec community to be the most secure level of encryption for information security, ECC provides many advantages including:
- Best-in-Class Security: The difficulty of solving elliptic curves provides an added level of protection against complex cyberattacks such as quantum computing.
- Efficiency: ECC uses smaller key sizes compared to other encryption algorithms, such as RSA. This makes it more efficient in terms of computation and storage requirements as it uses limited resources.
- Fast Computation: ECC is faster than other encryption algorithms, making it an ideal choice for applications that require fast encryption and decryption.
Keeper’s encryption model documentation compares the strength of 256-bit elliptic curves against vaults encrypted with password-derived keys.
No Master Password Needed
The deployment of Keeper through a Single Sign-On (SSO) identity provider eliminates the need for a master password. Instead, Keeper uses ECC to encrypt and decrypt data, allowing for a seamless login experience with SSO and passwordless technology.
A local ECC-256 (secp256r1) private key is used to decrypt the Data Key at the device level, which unwraps the individual folder keys and record keys for the latter to decrypt each of the stored record contents.
The Encrypted Data Key is then transmitted between the devices through a push system or key exchange service called Device Approval, which is managed by the admin to preserve zero knowledge.
Without a master password to prey on, the threat of brute force attacks against stored data is eliminated.
Keeper Complements SSO to Cover Any Security Gaps
SSO’s ease-of-use and ease-of-access have made it a preferred solution to remedy password-related issues, but it still presents serious security gaps as a single point of failure.
For instance, users automatically get locked out of multiple sites and apps versus only one if they forget their password. Should a user’s account get hacked, cybercriminals would be able to gain access to all associated sites and apps, compromising the entire layer of security SSO was tasked with providing in the first place.
Even with SSO, privileged access users still need one secure location to safely store non-SSO passwords, SSH keys, API keys, etc. that – just like SSO assets – require role-based access, configurable control of policies and sharing capabilities.
Keeper integrates with all major SSO solutions and is a perfect complement for the legacy applications and other use cases that SSO doesn’t cover. IT Admins and IT Security professionals love using Keeper for its:
- Rapid Deployment: No upfront equipment or installation costs. Easy Active Directory and SSO integration.
- Ultimate Cybersecurity Protection: Zero-knowledge architecture means there is nothing to hack.
- Pervasive Employee Adoption: Intuitive UI, automated password generation and autofill makes the transition a breeze.
- Mitigate Password-Related Support: No more forgotten or lost passwords.
Request a demo of Keeper Enterprise Password Manager today to see how an elliptic curve level encryption can protect your organization’s passwords, credentials and secrets with zero-trust and zero-knowledge security.
Adrien is the B2B Marketing Campaigns Manager for Keeper Security and contributing writer with over 12 years of experience in the technology industry with a focus on SaaS. Adrien now leads Keeper’s marketing efforts to raise awareness about Keeper as a leader in cybersecurity in its mission to unify critical components of Identity and Access Management and enable zero-trust transformation.
Source: How Keeper Uses Elliptic Curve Cryptography (keepersecurity.com)