Backed by patented VES technology for e2e encryption of data-at-rest
VES Product Suite
Extend the benefits of VES to your internal team or external customers: e2e encryption of data-at-rest, VESrecovery, VESauth, public key infrastructure and more.View more
Leveraging the innovative VESlocker tech for authentication & authorization - hardware grade cryptographic user access with the convenience of only a PIN and your device.View more
Email e2e encryption that works seamlessly behind the scenes with: any IMAP account, any email client, all major platforms, enterprise & personal and has a set-and-forget convenient user experience.View more
A superior microservice for encryption of data-at-rest that mitigates the looming 3rd & 4th party data breach vulnerability of hosted data-at-rest encryption services.View more
Viral Encrypted SecurityLearn more
Safety and Security
VES establishes a new paradigm in the combination of safety from key loss,
and the full security of undiluted end-to-end-encryption (e2ee). In the past, users
would have to choose between uncompromised e2ee with no chance of
recovering encrypted content if the key is lost, and giving a third party a
copy of the encryption key for some safety but at the price of diminished
privacy and a substantial risk to security.
Go to the Safety section below to learn more about how VES
can reduce the risk of key loss to lower than 1 in 14 trillion!
Those odds are much lower than any other key recovery method of which we know.
Not only does VES provide safety without compromising security, it can provide
a new benchmark in that level of safety too.
to setup & use
Simple to create & setup
The easiest and best way to create a VES account is by signing up with a
3rd party app through VESauth.
VESauth is present whenever you see the Secured by VESvault logo
as you sign up with the app.
Post VES setup
There may be additional setup steps specific to the 3rd party app. With a crypto wallet, this may include securing a wallet seed. With VESmail, this pertains to configuring the email app with the VESmail settings that are single-click copied from your VESmail Account Manager page and pasted into the exactly matching fields in your email app.
Simple to add a device
You essentially repeat the above process when you want to add another
device for your VES enabled app, but with one
step swaped out for another. Instead of receiving an email with a link,
you will enter your PIN on the device that already has your VES account connected
to it to enable the same VESkey on the new device. Very simple, very fast.
You can also add your VES account to another device without including the 3rd party app in the process, by using the drop down menu on the upper left on this page. But, it's faster, easier and better if you do it through the 3rd part app so that you can immediately use the app on the new device.
Using VES - simply invisible
Generally, VES works invisibly behind the scenes and your never
need to think about it. For full cryptographic grade access security,
some VES enabled apps, such as crypto wallets,
may require you to enter your PIN every time you access this app.
Other apps, such as VESmail, may not require this to use the app.
from key loss
Level 1: the VES enabled 3rd party app
You may have multiple VES enabled apps. Each app has its own dedicated app encryption key, which enables the app to function. You have a single VESkey, which is the master encryption. Your VESkey is always stored locally on your device - it may be in the app itself or it may be in the browser local storage. The app itself, or the browser with which it may be connected, is the primary location for your keys. Should the key(s) at this location become inaccessible, you will need to retrieve a copy from another key redundancy location.
Level 2: VES browser extension
When a 3rd party service uses a browser instead of an app, your VESkey is stored
in the browser local storage. In this case the VES browser extension becomes the next
level redundancy. The VES extension guards against the VESkey being inadvertantly erased
by the user from the browser local storage. For privacy reasons, most browsers have
an option to erase the local memory and this will also delete the VESkey. The VES extension
prevents this from happening as there is no user option to clear the memory in the VES
Level 3: Add Another Browser/App
An additional copy of the VESkey is stored in each Browser/App that is added. This can be done
on the same device itself by adding the browser in addition to the 3rd party app, but even
better it can be done accross multiple devices. The more devices added, the better as this protects
against key loss resulting from losing the device itself. Having two or more devices with your
VESkey very significantly protects against the risk of key loss. It also allows you to use
your app on all your devices.
Level 3+: PIN/VESkey
Having a browser with the VES extension enabled on all your devices even with 3rd party apps provides another dimension of level 3 redundancy. In such a case, even if the app itsel becomes unusable for some reason, for instance in the unlikely event there is some sort of global hack to the app that destroys the 3rd party app on all your devices, you can still use the browser to retrieve a copy of your app key. Simply select the View My Keys option, enter your PIN and retrieve a copy of the app key.
Level 4: VESrecovery
1 in 14 trillion...VESrecovery can become that safe, and even safer,
from key loss. When your VESrecovery network is just being set up, it may not provide
much protection from key loss. But, that will change very quickly as your network grows just a little
and eventually, VESrecovery should become the safest, most robust key redundancy of all the options.
Level 5: VESkey/app key paper copies
When it comes to encryption, you should ALWAYS have paper copies of your VESkey and app keys
stored safely in one or more separate locations. Write them down on paper and
put them some place safe. Or, copy them to a USB thumb drive that does NOT bet backed
up to the cloud.
Level 6: 3rd party app redundancy
The 3rd party app may have an additional redundancy that can be used outside of VESvault
to retrieve your content. In the case of crypto wallets that are secured by VESvault, the
3rd party may provide a wallet seed that can regenerate the wallet encryption key. If that's
the case, you will be able to use the seed to retrieve your crypto wallet contents.
e2ee and more
VES uses open source, industry standard encryption alogorithms, which have never been known to have been hacked.
No shared master key
Your VESkey is the master key required to decrypt all of your encrypted content in your primary VESvault.
The only place your VESkey resides is the local storage of the browsers on each of your
devices that have been enabled with your VES account. There are no other copies of your
VESkey, anywhere. It is not shared with anyone, including VESvault Corp.
No collusion risk
VESrecovery is a breakthrough innovation of a highly reliable way
to recover encrypted content if the master key is lost or inaccessible,
without creating the risk of collusion from friends who have tokens
that can be combined to construct an encryption key. It eliminates the collusion
backdoor that otherwise dilutes the security of end-to-end encryption.
Shadow vault & shadow key
The shadow vault is a mirror image of the content in the primary vault, but with the
critical distinction that it is not encrypted by the VESkey but rather by
the shadow key. The VESkey cannot decrypt the shadow vault and the shadow
key cannot decrypt the primary vault. The shadow key is encrypted by the recovery key.
Using a process similar to Shamir's, the recovery key is converted into a series of tokens,
each of which is useless by themselves in reconstructing the recovery key. A pre-defined
number of these tokens must be used collectively to reconstruct the recovery key.
The improbability of collusion
The best way to show that the collusion risk is neutralized is to walk through
the path a collusion hack would have to take to be successful.
Even if a hacker were to get access to one of your devices, they could
not gain access to your primary vault without your PIN. Assuming they don't
know it, they only way to get it would be brute force multiple attempts.
Security Time Delay
Security Time Delay is a breakthrough innovation that acutally
gives you the ability to stop any front door hack in progress, before the attack
can be completed. You don't have to rely on technology to stop the hack. It puts you control!
connected to VES
VESencrypt (Docker container)
For SAAS providers
If you're interested in connecting your SAAS to VES,
go to ves.host
VESrecovery odds calculatorOpen
Try changing numbers in the yellow boxes to see the estimated probability of VESrecovery.
N= Number of unique Friends for each person
p0=%Probability a user loses complete access to their VESkey since last usage
x = Number of Friends needed to respond to enable VESrecovery
VESrecovery probability formula:
L is defined as Level.
Disclaimer: The probabilities generated in this calculator are estimates only. The calculator can not and does not represent or guarantee the true probability of key loss or VESrecovery. Factors affecting reliability include, but are not limited to: the number of friends in the network, the number of friends chosen by each user to achieve VESrecovery, the number of connected devices, and the probability that any individual user will not lose their VESkey. The actual level of reliability is completely determined by each individual user's VES network and VESvault Corp makes no representations or guarantees about the reliability of VES recovery for any individual's VES network. VESvault Corp cannot assist in setting up a VES network nor can it recover any lost content or VESkeys.Hide