End-to-end encryption and metadata obfuscation.
Cryptography to protect your privacy.
Simple end-to-end encryption for everyone.
Qabel is an application-spanning and open-source service platform for the purpose of end-to-end encryption. It also focuses on the avoidance and/or the obfuscation of metadata. Every app and every program which docks on the Qabel platform therefore becomes a cryptography tool.
A file encryption is a local encryption — on a PC or smartphone, for example. An individual file is protected on a selective basis to prevent access by unauthorised persons. As soon as the file leaves the local environment it is unprotected.
Transport encryption means the protection of data during its transportation from the sender to the server and from the server to the recipient. If the system works, third parties are not able to intercept any data. The server, however, has full access to the user data which is transported and knows the metadata of the sender, of the recipient and of the data.
In the event of end-to-end encryption, the data to be sent is encrypted on the sender's device before it vacates it. The data remain encrypted during the transport and can only be decrypted by the recipient. The transported user data cannot be viewed by third parties during either the transportation or on the server.
The following also applies here: In the event of end-to-end encryption, the data to be sent is encrypted on the sender's device before it vacates it. The data remain encrypted during the transport and can only be decrypted by the recipient. The transported user data cannot be viewed by third parties during either the transportation or on the server. The metadata of the sender, the recipient and the data which is sent are also obfuscated. In this case, a certain degree of anonymisation occurs.
Qabel services such as the Qabel Box can also be operated on different end devices such as an Android smartphone, a tablet or a Windows desktop. For such purposes it is necessary for the appropriate app and/or the corresponding program to be installed on the device. All functions are then available for user-friendly operation and the user can initialise the encrypted communication immediately. The actual encryption and decryption according to AES-256 (advanced encryption standard with 256 bit long blocks) is completed automatically by Qabel in the background.
Start now at no charge with Qabel Free
Everything to be communicated via the Qabel Platform is fully end-to-end encrypted. This means that the data are already encrypted on the sender's device before they are sent via the internet. They are only decrypted again on the recipient's end device. This method extends far beyond the straightforward transportation encryption which is used very frequently. With Qabel, only the sender and the recipients that s/he authorises are able to access the data. Nobody else, including the host (Qabel or any other Qabel host), holds the data authority. This ensures the digital self-determination.
Qabel never makes any claim to be absolutely secure. To claim absolute security from a technical point of view would amount to charlatanry. In each case, the combination of symmetrical and asymmetrical cryptography, which is used for the Qabel platform, is based on established standard algorithms (AES-GCM with 256-bit and/or curve 25519). This method of encryption is to be classified as "secure" insofar as it is so far uninterrupted. This makes the Qabel platform as secure as is currently possible within the limits of technology without having to sacrifice high usability.
Technical documentation is available at GitHub.
The encryption and decryption of Qabel follows the principal of asymmetrical cryptography. Qabel completes all of the required steps automatically in the background. This process can be highlighted with the following chart:
If Alice wants to exchange data with Bob, she starts by asking Bob for a what is known as a "public key", which he then gives to her. It is possible to imagine the public key as being an open padlock. With this padlock, Alice is now able to secure the data or – to use the correct term – to encrypt it. And since once it is locked, the padlock cannot be opened again, even Alice is not able to decrypt the data. Bob still has the key to the padlock, known as the private key, and he hasn't given it to anybody else. This means that he is the only person who can decrypt the data encrypted by Alice.
If Alice would like to use Qabel as a place to store for her personal data, however, she will get both the public key and the private key.