Forums Help & support How can I make use of export/import public sharing key or Axcrpyt ID ?

This topic contains 24 replies, has 3 voices, and was last updated by  Prabhukumar R 4 years, 6 months ago.

Viewing 15 posts - 1 through 15 (of 25 total)
  • Author
    Posts
  • #13379 Reply

    Raymond Cheung

    Dear Sirs,

    Is anyone here can tell me how can I make use of export/import public sharing key or Axcrpyt ID ?

    I ‘ve tried to export my sharing key to others. Others imports my key,  but there is no message or status to check what is imported. I send my encrypted file to others who already import my key. Others can not open the file without my password.

    So I confuse the usage of export/import public sharing key.

    Please help or let me have the user guide/ manual.

    Thanks,

     

    Raymond Cheung

     

    #13381 Reply

    Prabhukumar R
    Moderator

    Hello Raymond,

    You can export and share your AxCrypt public key. But not other public keys. AxCrypt will accept and work with AxCrypt generated public keys only.

    If you are trying to decrypt/open the someone’s AxCrypt encrypted file, then you needs the someone’s file password which was used for file encryption.

    There is no need to share passwords in order to send or share files securely with others. AxCrypt has a key sharing feature letting you add recipients by email address, who when they receive the file can open it with their own AxCrypt password.

    AxCrypt Key Sharing is a Premium(paid) feature. But you can use it as a free via Key Management.

    AxCrypt app having the feature called Key Management. Using this feature, you can export your public keys and import some other AxCrypt user’s public keys to share the encrypted file to others.

    You can export your public sharing key from the AxCrypt app menu File | Key Management | Export My Public Sharing Key.

    After exporting your public key, you need to send the key file to the 3rd party peoples(who is going to share and send the file with you).

    Now 3rd party people need to import your public key file to their AxCrypt app using the menu option File | Key Management | Import Someone’s Public Sharing Key.

    Please note: If you reset your AxCrypt account password, then again you should export your public key again and share it with them.

    #13383 Reply

    Raymond Cheung

    Dear Sir,

    I’ve got it.

    Thanks,

     

    Raymond Cheung

    #13385 Reply

    Raymond Cheung

    Dear Sir,

    Just discover that, if both users without internet connection, share key by input the email address is not working.  They must use the import / export public key (key management)  to share the encrypted file. Is it correct?

    Thanks,

    Raymond Cheung

     

    #13404 Reply

    Azhaguraja B
    Keymaster

    Hello Raymond,

    Without an internet connection, AxCrypt key sharing will not allow the user to type/write the email address of others.

    AxCrypt desktop application will communicate with our API service to get the key sharing recipient’s public key information. So the internet required to communicate with our API service.

    If the internet is not available, We can use Key Management(Export/Import public keys) feature to key share the file.

    #13583 Reply

    Maurice Brandman

    So in order to send an encrypted file by email to my external contact, the contact must first install AxCrypt?
    Is it possible to maintain the security of a file and send to an external contact who has no AxCrypt installed? If so, then how?

    #13598 Reply

    Prabhukumar R
    Moderator

    Hello Maurice,

    1. Yes, AxCrypt application and account required to decrypt/open the AxCrypt encrypted files. Without the AxCrypt app we can’t open the encrypted files.

    If receiver who does not have registered AxCrypt ID, (s)he will receive an invitation email with instructions on how to proceed.

    After that receiver can open the AxCrypt encrypted file in AxCrypt app with own password.(if key sharing applied.)

    If you are trying to decrypt the someone’s AxCrypt encrypted file, then you needs the someone’s file password which was used for file encryption. So the someone needs to share the file password with you. Then only you are able to open the encrypted file.

    To see a quick instructional video explaining how to use key sharing, please view https://www.youtube.com/watch?v=9z3KOZD-Yks .

    All the AxCrypt encrypted files should have the .axx extension as per our design. Also you need AxCrypt application to decrypt the AxCrypt encrypted files.

    If the encrypted file does not have the .axx file extension, then the AxCrypt app will not decrypt the same.

    #14031 Reply

    Ax

    Can I confirm, if I export my public sharing key, anyone that has that txt file would, using Axcrypt software, be able to decrypt every single file I might have encrypted (via the account linked to that specific public key)?

    In practical terms it’s the equivalent of me sending someone my password.

    If that’s correct, if my public sharing key is stolen/falls into the wrong hands, what would I need to do to stop that public key from working in the future?

    I noticed my account e-mail is shown within the txt file would that need to be changed or could I simply change my account password?

    Would a new account password create a new public sharing key and invalidate the old public sharing key?

    Fortunately this has not happened to me, I simply wish to know the ramifications of using the public sharing key.

    Thank you.

    #14032 Reply

    Ax

    As a follow up, as there is no internet connection involved in the encryption or decryption of files would I be correct that if my Public Sharing Key fell into the wrong hands I would in fact need to:

    Decrypt every single file I had / Reset (not just change) my password / Then re-encrypt every file all over again to ensure the original public key no longer worked in the future?

    If true, a public key seems far less secure than a password protected zipped file, as one public key is the equivalent of tens of thousands of individual passwords.

    Thank you for your help.

    #14048 Reply

    Azhaguraja B
    Keymaster

    Hello Ax,

    1) You misunderstood the Key management feature.

    It is not like sending your password to someone. With the exported public key, we can’t decrypt the encrypted files.

    Key management will help you/others to key share the encrypted file with others.

    For example: If someone got your public key file, then he can import the same with the AxCrypt app and key share the file with you. This is an alternative way of key sharing without a premium subscription.

    If you missed or someone got the public key file, no worries. It will help them to key share the file with you.

    Whenever a file is encrypted, it’s encrypted with a random key. That key, in turn, is encrypted with the user’s password AND with the user’s public key.

    For more information about the keys and password change, please visit our blog- https://forum.axcrypt.net/blog/password-reset-axcrypt/ and https://forum.axcrypt.net/blog/what-is-an-axcrypt-id/.

    2) Internet is not required to encrypt/decrypt the files in the ACrypt app. Internet is for detecting the accounts and subscription information and syncing the same to our local.

    As I said earlier, nobody can decrypt the file only with the public key file.

    If someone knows your AxCrypt account password, then change(we recommend) or reset your AxCrypt account password with a new one.

    Once changed the AxCrypt account password, then open the old encrypted files with file password(old password-which was used in the encryption) and update the file contents. Now all the updated files will be re-encrypted with a new password.

    Key management helps/allows the user to key share the encrypted file(s) without a premium subscription.

    #14049 Reply

    Ax

    Hello Azhaguraja B

    Thank you so much for your reply. Sorry but I’m sorry totally confused.

    If I send an encrypted file to someone (and they had the AxCrypt app) what would they need to decrypt/open the file I’ve sent to them?

    You appear to be saying they would need both the public key and my account password is that correct?

    I ask this because I did a quick test. I installed Axcrypt on a second computer without any internet connection. Made up a test e-mail and password and the app opened. I then attempted to open a file I had encrypted with my official account. The newly installed app asked for the password and I entered my official account password and the encrypted file opened. I then encrypted a file using the test computer and was able to open it with my normal computer using just the password I’d made up on the test computer. I had no need to import a public key to open the files.

    If someone simply knows my password and can open an encrypted file, what does the public key do?

    Sorry I’m clearly missing something, but I can’t work out what the public key does that knowing my password alone does not.

    #14050 Reply

    Ax

    Hello Azhaguraja B

    Sorry I couldn’t see how to edit the previous post.

    I just thought I’d add: Test conducted in Windows 10 Pro (both computers) and using AxCrypt-2.1.1585.0 Software.

    Thank you, for your help.

    #14064 Reply

    Azhaguraja B
    Keymaster

    Hello Ax,

    Apologies for the delayed response.

    If someone is trying to decrypt your AxCrypt encrypted file, then he/she needs your file password which was used for file encryption. Without the file password, nobody can decrypt the encrypted files.

    When we encrypting the file, AxCrypt app will use the user’s public key and file password. The file password is the master key to decrypt the encrypted file(s).

    As per our blog,

    A public key – this key is non-secret and can be used by anyone to encrypt data. But it can’t be used to decrypt anything! We sometimes call this a sharing key.

    A private key – this key must be secret and is required in order to decrypt any data encrypted using the public key. We sometimes call this a secret key.

    Knowing the public key, it is computationally infeasible (i.e. impossible in layman terms) to derive the private key.

    Yes, if someone knows your file password, then he/she can access your encrypted files(which are encrypted with the same password). That’s the reason we are advising users to don’t share the file password/AxCrypt password with others and use the Key sharing feature.

    If someone knows your file password and he has access to your system, then he can access the encrypted files. So please always use strong passwords.

    There is no need to share passwords in order to send or share files securely with others. AxCrypt has a key sharing feature letting you add recipients by email address, who when they receive the file can open it with their own AxCrypt password.

    Key sharing feature will use the user’s public keys.

    Key sharing embeds the shared key into the file. The file must thus first be key shared with the recipient, then sent or file shared. Please note that AxCrypt does not share or send the actual file. To see a quick instructional video explaining how to use key sharing, please view https://www.youtube.com/watch?v=9z3KOZD-Yks .

    When you key share a file with user A, AxCrypt will use the user A’s public key in the encryption process. Please read our blog, we clearly explained there.

    Please note: If you think somebody else knows your AxCrypt password, then please change the password with a strong one. Always use strong and lengthy passwords.

    #14065 Reply

    Ax

    Thank you for your reply, no need to apologize. I probably need to apologize to you, because I’m just getting more confused!

    Your opening sentence: If someone is trying to decrypt your AxCrypt encrypted file, then he/she needs your file password which was used for file encryption. Without the file password, nobody can decrypt the encrypted files.

    You then go on to explain about key sharing and that you don’t recommend sending someone their password, but when I asked about the Public Sharing key you said the other person ‘still’ needs my password.

    So maybe a more direct question would be: As a free user, at the moment, what is the safest way for me to send an encrypted file to someone if you do not recommend I send them my password?

    I understand the Premium service options; but I’m simply trying to understand the safest way for me to send an encrypted file to someone ‘without’ using any of the Premium features.

    If the only way for me to send an encrypted file to someone is to also send them my account password please just tell me that.

    Thank you again.

    #14088 Reply

    von

    Team

    When I tried to share an encr file from the desktop app,

    the email ID box says “add offline” and is greyed out

    How do I add the persons email id.

    Thanks

    von

     

Viewing 15 posts - 1 through 15 (of 25 total)
Reply To: How can I make use of export/import public sharing key or Axcrpyt ID ?
Your information: