Encryption Overview

Anonymous Deals.net Marketplace Security

The Anonymous Deals.net marketplace uses its own cryptographic service, PGPService, which provides multi-layer protection of data, identities and communication between users. The system combines asymmetric and symmetric encryption, key management and modern security techniques, achieving a high standard of security.

Brief Description

Privacy and security are our priority. That's why the entire marketplace is built on cutting-edge cryptographic technologies:

  • Military-grade encryption - all communication and data are protected by 4096-bit RSA encryption and modern algorithms.
  • Private keys stay with you - your private keys are stored only in encrypted form. Only you have real access to them.
  • Unique encryption of each transaction - each record is protected by a unique initialization vector (IV), making it impossible to analyze patterns or guess content.
  • No password storage - your access phrase (PIN) is never stored on the server; it exists only during your login session.
  • Multi-layer protection - even in case of database compromise, all sensitive data remains unreadable without your key.

Your data remains encrypted at rest and is decrypted only when you need it.

Detailed Description

1. Encryption technologies

  • Asymmetric encryption: 4096-bit RSA keys are used for message encryption and decryption.
  • Symmetric encryption: the Halite library is used for encrypting larger volumes of data.
  • Key management: generation, encryption and secure storage of PGP keys.
  • Brute force attack protection: salting and key derivation from user PIN.
  • Leak minimization: sensitive data is not logged, private keys are never stored in decrypted form.

2. Key handling process

2.1 Key generation
  • During registration, a PGP key pair (public + private) is created.
  • The public key is stored in the database in open form.
  • The private key is stored only encrypted with the user's PIN (KEY).
2.2 Private key storage
  • The private key is always stored in the DB only encrypted.
  • The KEY (user password) is never stored on the server or in the database; it exists only during an active session.
2.3 Session management
  • After login, the KEY is stored only in the session.
  • After logout or session expiration, the KEY is irreversibly deleted.

3. Data encryption and decryption

3.1 Encryption:
  • Data (e.g., user demand) is encrypted with the public key.
  • A unique initialization vector (IV) is generated for each operation.
  • Encrypted data and IV are stored in the database.
3.2 Decryption:
  • The system retrieves the encrypted private key and IV.
  • The user provides their KEY, which is in session.
  • The private key is decrypted only when needed.
  • Subsequently, it is used for decrypting the actual data.
  • After display, both the decrypted private key and data are removed from memory.
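
The key handling flow of sections 2 and 3, as an added PHP example that is not PGPService code: an RSA-4096 private key is wrapped under a key derived from the salted PIN and unwrapped only to decrypt one record. Assumptions not stated on the page: Argon2id and secretbox from PHP's sodium extension, a bare OpenSSL RSA key in place of an OpenPGP key, RSA-OAEP padding, and all function names and sample values.

```php
<?php
// Added illustration, not PGPService code. Argon2id and secretbox are
// assumptions: the page names neither the KDF nor the wrapping cipher.
function deriveKek(string $pin, string $salt): string
{
    return sodium_crypto_pwhash(
        SODIUM_CRYPTO_SECRETBOX_KEYBYTES, $pin, $salt,
        SODIUM_CRYPTO_PWHASH_OPSLIMIT_INTERACTIVE,
        SODIUM_CRYPTO_PWHASH_MEMLIMIT_INTERACTIVE,
        SODIUM_CRYPTO_PWHASH_ALG_ARGON2ID13
    );
}

function wrapPrivateKey(string $privatePem, string $pin): array
{
    $salt  = random_bytes(SODIUM_CRYPTO_PWHASH_SALTBYTES);      // per-user salt
    $nonce = random_bytes(SODIUM_CRYPTO_SECRETBOX_NONCEBYTES);  // fresh per encryption (the "IV")
    $kek   = deriveKek($pin, $salt);
    $wrapped = sodium_crypto_secretbox($privatePem, $nonce, $kek);
    sodium_memzero($kek);
    return ['salt' => $salt, 'nonce' => $nonce, 'wrapped' => $wrapped]; // what the DB holds
}

function unwrapPrivateKey(array $row, string $pin): string
{
    $kek = deriveKek($pin, $row['salt']);
    $pem = sodium_crypto_secretbox_open($row['wrapped'], $row['nonce'], $kek);
    sodium_memzero($kek);
    if ($pem === false) {   // authentication tag did not verify
        throw new RuntimeException('wrong PIN or modified record');
    }
    return $pem;
}

// Registration (2.1, 2.2): generate the pair, keep only the wrapped private key.
$pair = openssl_pkey_new(['private_key_type' => OPENSSL_KEYTYPE_RSA, 'private_key_bits' => 4096]);
openssl_pkey_export($pair, $privatePem);
$publicPem = openssl_pkey_get_details($pair)['key'];
$pin = 'constructed sample passphrase';   // constructed value, held only in the session
$row = wrapPrivateKey($privatePem, $pin);
sodium_memzero($privatePem);
// Encryption (3.1): only the public key is needed.
openssl_public_encrypt('constructed sample demand', $ciphertext, $publicPem, OPENSSL_PKCS1_OAEP_PADDING);
// Decryption (3.2): unwrap with the session PIN, decrypt, wipe the key.
$pem = unwrapPrivateKey($row, $pin);
openssl_private_decrypt($ciphertext, $plain, $pem, OPENSSL_PKCS1_OAEP_PADDING);
sodium_memzero($pem);
echo $plain, PHP_EOL;
// A wrong PIN fails authentication instead of yielding a garbage key.
try { unwrapPrivateKey($row, '0000'); } catch (RuntimeException $e) { echo $e->getMessage(), PHP_EOL; }
```

The salt and nonce are not secret and are stored beside the wrapped key. Against a copied database, the wrapped key is only as strong as the PIN's entropy and the KDF cost parameters.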

4. Security layers

  • Protection against database breach: an attacker gains no access to private keys because they are always stored encrypted.
  • KEY absence: without knowledge of the user's PIN, it's impossible to decrypt private keys.
  • Unique IV for each encryption: eliminates pattern attacks and ensures that even identical data encrypts differently each time.
  • No permanent storage of sensitive data: the private key never appears in clear form outside the user session.

Thanks to this solution, sensitive data is always protected at rest and decrypted only on user demand, while the combination of multiple protection layers (RSA 4096, Halite, PIN, IV, session management) makes attacks on the system practically infeasible.