There are a few encryption algorithms which have been approved by the US National Institute of Standards and Technology or NIST for security, such as Advance Encryption Standard or AES. The encryption algorithm uses a secret key to encrypt the sensitive data. The secret key is composed of long string of characters that is impossible to guess.

For example, AES-256 uses 32 characters or 256 bits for the secret key. One has to correctly guess all the 256 bits to find an AES-256 secret key. The encrypted data are unrecoverable unless one has the same secret key that was used to encrypt the data. The security of the encryption algorithm, as well as the effectiveness of the encryption function in hiding the data, is ultimately boiled down to the security of the secret keys.
Secret keys must be protected and this is often achieved by one of the following approaches.

Secure Hardware

The secret keys are stored in plain text in secure hardware, such as phone's SIM card, smart card or a secure memory and access to the secret keys stored in secure hardware is protected by a password. The entities possessing the password can gain access to the secure hardware and retrieve the secret keys.

Secured Encryption

In another approach, the secret keys themselves are encrypted - with the help of an asymmetric encryption algorithm, such as Certificate-Less Authenticated Encryption or CLAE. In this approach, the secret keys are portable as they can be stored anywhere - not necessarily on secure hardware. Only the entity who has the private key can retrieve the secret key protected by an asymmetric key algorithm.

In summary, CLAE is an asymmetric encryption algorithm that provides ultra security and the simplicity to share the secret keys with anyone, anywhere over the Internet. Think of CLAE as as a secret exchange protocol that can securely exchange any secret between two entities.

Immediate Advantages

  • Adding both authenticity and confidentiality to every message.
  • Send secure, encrypted email to anyone in the world at any email address.
  • End-to-end security without relying on S/MIME or TLS/SSL.
  • There is also no need for checking or storing certificates by recipient(s)

Benefits of CLAE

  • Reduce costs: Without the need for a certificate authority, storing the certificates or obtaining a certificate license, while relaxing the administrative work, the operation costs will be reduced.
  • Reduce local storage: CLAE eliminates the need for public-key certificates and removes the requirement for secure local storage, making it the ultimate solution for mobile devices.