The Opolis Message Security Architecture –
Explained Simply ....

• The chosen and actually typed in Password will be extended to at least 16 characters and repeatedly hashed by the Opolis Secure Mail Client.
• Both, the Log In Name and the processed Password are both encrypted with the Public Key of the Opolis Secure Mail Server. This Public Key of the Opolis Secure Mail Server is already embedded in the Opolis Secure Mail Client. This measure guarantees that the actual typed in Password, which is needed to decrypt the secret individual Private Key of each User
• is never transmitted over the public Internet,
• is never transmitted to Opolis in its function as a Service Provider (who therefore cannot read any of the User's E-Mails),
• is never stored on any local PC, and
• never leaves (and is only used on) the local PC.

• Using these two Keys for encryption ensures - based on best knowledge of technical standards - an extremely high level of security for any Opolis User. Currently the Public and Private Keys in use are 1.024 Bits long. Keys of such length have (yet) never been hacked.

• is never transmitted over the public Internet,
• is never transmitted to Opolis in its function as a Service Provider (who therefore cannot read any of the User's E-Mails),

• Layer 1: The (naked) Message is created
  The Opolis User creates a (naked) Message composed of Subject (i.e. header), Message Content (i.e. main text body) and various Attachments with the Opolis Secure Client Message Editor. Such a message can either be a New Message or a Reply, Forward or Resend Message.
• Layer 2: The (naked) Message is encrypted with the Public Key of the Recipient
  With pressing the Send button but prior (!) to transmitting the Message to the Server, the Subject, Message Content and the Attachments are all encrypted with the personal Public Key of the respective Recipient. Hence only the Recipient – and nobody else - will be able to decrypt the Message (composed of Subject, Message Content and Attachments). No other party will ever be able to “open” this Layer 2!
• Layer 3: The required message delivery data is wrapped around Layer 2
  Layer 3 is composed of the required message delivery data to send the Message correctly and embeds among others: name of the Sender; name of the Recipient; time Message sent. This information is in such format that it can be read and interpreted by the Opolis Secure Mail Server.
• Layer 4: Both, the encrypted Message and the required message delivery data are encrypted with the Public Key of the Opolis Secure Mail Server
  All the previous Layers 1 – 3 are bundled and encrypted with the Public Key of the Opolis Secure Mail Server. Please Note: The Opolis Secure Mail Server will only be able to read the required message delivery data (Layer 3), but will not be able to access any data or information of the actual Message (Layer 1 and Layer 2) which had previously been encrypted via the Public Key of the Recipient.
• Layer 5: As a final Layer transmission and check-sum information is wrapped around all present Layers to ensure the authenticity of the complete, bundled Message
  Transmission and check-sum information embed data to ensure that the encrypted message is physically correctly transmitted and can be properly “assembled” again.

Only now is the Opolis E-Mail ready to be physically sent to the Opolis Secure Mail Server.

• Step 1: The Opolis Secure Mail Server receives the bundled Message and reads and interprets the transmission and check-sum information (Layer 5).
• Step 2: Layer 4 of the bundled Message is decipherable with the Private Key of the Opolis Secure Mail Server and gives access to Layer 3.
• Step 3: The information of Layer 3 (required message delivery data) is stored on the Opolis Storage Systems.
• Step 4: The data of Layer 2 (the encrypted Message) - which is not readable by the Opolis Secure Mail Server - is stored unmodified on the Opolis Storage Systems.
• Step 5: The Opolis Secure Mail Server confirms Step 1 – Step 4 to the Opolis Secure Mail Client. Only now is the Message deemed “delivered” by the Sender and ready to be received by the actual Recipient.

• Step 1: The Opolis Secure Mail Server receives the bundled Message (which contains the “Get Message” request) and reads the transmission and check-sum information of Layer 5.
• Step 2: Layer 4 of the bundled Message is decipherable with the Private Key of the Opolis Secure Mail Server and gives access to Layer 3
• Step 3: The data of Layer 3 (required message delivery data and - in this case - the request for a Message) is read by the Opolis Secure Mail Server and the matching encrypted Message from Layer 2 is loaded from the Opolis Storage Systems.
• Step 4: Layer 3 with the required message delivery data will be wrapped around Layer 2.
• Step 5: With the creation of Layer 4 the encrypted Message (Layer 2) and required message delivery data (Layer 3) are encrypted with the Public Key of the actual Recipient of the Message.
• Step 6: In creating Layer 5 the transmission and check-sum information is wrapped around all present Layers (Layers 1-4) to ensure the authenticity of the complete, bundled Message.

• Step 1: The Opolis Secure Mail Client receives the bundled Message and reads the transmission and check-sum data (Layer 5).
• Step 2: Layer 4 of the bundled Message is decipherable with the Private Key of the actual Recipient of the Message and gives access to Layer 3.
• Step 3: The data of Layer 3 (required message delivery data) is read and processed by the Opolis Secure Mail Client.
• Step 4: Layer 2 of the Message bundle is decipherable with the Private Key of the actual Recipient of the Message and gives access to Layer 1.
• Step 5: Access to Layer 1 has been granted to the Recipient and Subject, Message Content and Attachments are shown together with the required message delivery data and various additional information.