How Does Search Encrypt Work?

Search Encrypt is a private search engine designed with privacy as its core value. Search Encrypt protects your privacy by encrypting your search terms, expiring your search history and using advanced SSL encryption. We’re sharing a bit about how we encrypt your searches and, as a result, protect your privacy.

Contents

• What Happens When You Search with Search Encrypt?
• Search Encrypt Redirects Searches
• Search Encrypt’s Encryption Methods
• Perfect Forward Secrecy
  • Search Encrypt vs. Other Search Engines
• Why Should You Use a Private Search Engine, like Search Encrypt?

What Happens When You Search with Search Encrypt?

1. Search Encrypt checks the URL of each website you visit. We do not log or store that data anywhere.
2. For your privacy, Search Encrypt intercepts the requests if it’s on our list of sites that may track your searches.
3. Search Encrypt encrypts your search locally using industry standard AES-256 encryption.
4. Your locally encrypted search term is securely transmitted to our servers.
5. To provide you with the most relevant results possible, we then decrypt your search term and securely request results from our search & content partners.
6. We aggregate the most relevant results and securely display them to you.
7. For added security, your local search history, for any search we protect, expires and can’t be accessed after you’ve finished searching.

Search Encrypt’s Encryption Methods

Encryption happens when an algorithm scrambles your data into an unrecognizable “cipher” form. An encryption key is then required to view the data in plain text. There are many types of encryption. Search Encrypt uses AES, which is the most widely used encryption algorithm. AES-256, which has a 256-bit cipher key, is used by the NSA for TOP SECRET classified information.

AES-256 Encryption

AES, Advanced Encryption Standard, is a data encryption standard endorsed by the National Institute of Standards and Technology (NIST). It replaced the previous standard, Data Encryption Standard, DES. AES is a more secure system for internet communications and transactions. Two Belgian Cryptographers, Joan Daemen and Vincent Rijmen, created AES in October 2000. The system was originally called Rijndael before being accepted as the new encryption standard, AES. Rijndael offered security, performance, efficiency, implementability, and flexibility beyond that of any of the other candidates for the new encryption standard. Some well-known uses of AES include Signal Protocol, used in Google Allo, Facebook Messenger, and WhatsApp. The technology is also used in certain game engines, like Rockstar’s Advanced Game Engine used in Grand Theft Auto IV to deter hacking in online multiplayer game modes.  AES-256 denotes that the encryption key size is 256 bits. AES supports 128, 192 and 256-bit key sizes. 256 bit keys mean that there are 2²⁵⁶ options for encryption keys. The number of options is bigger than the number of atoms in the perceivable universe. In other words, no person, or computer, will be able to “guess” the key. With current computing capabilities, cracking a key of this length would take millions of years.

SSL (Secure Socket Layer) Encryption

Secure Socket Layer, SSL, is a cryptographic protocol that encrypts communication on a computer network. It allows for secure transfer of sensitive information like financial info, passwords or Social Security numbers. Websites that process payment via credit card must have an SSL certificate. SSL works by creating a public and a private key. These two keys then create a secure and encrypted connection. Websites with SSL certificates communicate with the user’s browser to let it know that a secure connection is available. Without SSL encryption, sites transmit user information in plain text. This means that anyone with access to the network could theoretically access the data. SSL encrypts this data so it can’t be easily leaked or hacked.

Expiring Search History

Beyond the traditional encryption methods, we use a short lived key for client side encryption of search history. This means that you, or anyone with access to your computer, can’t access your search history after you’ve finished searching. Because we use an expiring key, your search history is totally gone, even if a hacker accesses the encryption key.

Perfect Forward Secrecy

Search Encrypt offers perfect forward secrecy. This is any encryption method in which a breach of the long-term key doesn’t compromise past session keys. For our users it offers a sense of security, because even if the NSA or hackers were able to access our servers, we store none of your information. Through a combination of advanced encryption, expiring browser history, and not storing user information, Search Encrypt delivers a secure and private search experience.

Search Encrypt vs. Other Search Engines

• Most search engines track your searches. Search Encrypt doesn’t track search history in any user identifiable way.
• Other search engines use your personal information to serve you targeted ads around the internet. Search Encrypt serves ads on its results page only, and they are based on you search term and nothing else!
• Search Encrypt uses local encryption so your search terms aren’t as vulnerable to hackers who otherwise could see what you were searching for.
• Search Encrypt uses AES-256 encryption combined with expiring encryption keys which mean your search terms essentially disappear after you’re done searching.

Why Should You Use a Private Search Engine, Like Search Encrypt?

• Private search engines don’t track you.
• You can keep other people from seeing your search history.
• Private search engines can’t follow you around the internet with ads.
• Your data can’t be hacked or leaked if your search engine never collects it.

Read More about the importance of private search engines.

Using Forward Secrecy to Protect Your Information

Basically, perfect forward secrecy, or PFS, is an encryption method that allows short-term, totally private communication between clients and servers. ExtraHop calls PFS “the cyber security Cone of Silence.”

How Does Perfect Forward Secrecy Work?

Perfect forward secrecy is any encryption method in which any breach of long-term keys doesn’t compromise past session keys. One way this is done is through using passwords. The long term key is a password that is shared between the communicating parties, and the short term key (or session key) is generated randomly and then expires when the communication is over.

The goal of forward secrecy is to make sure that data and information exchanged between parties is not available after the transmission has occurred.

How To Test Perfect Forward Secrecy

If you have access to your server, you can use this command to see if your server is using perfect forward secrecy:

openssl s_client -connect example.com:(port number, e.g: 443)-cipher ECDHE-RSA-RC4-SHA

Visit Makandropdedia to learn more about using this test on your server.

You can also use Google Chrome, if you want a simpler check. Chrome will tell you if a site is secure and using forward secrecy by clicking the left side of the URL box. It will tell you who the SSL certificate was verified by and what encryption method the server is using.

How Does Search Encrypt Use Forward Secrecy?

Search Encrypt uses PFS to ensure that even if your computer is compromised, or you just want to keep your searches private from other users on your computer.

Expiring Browser History

Even if someone gets access to your computer, your encrypted search terms can no longer be viewed.

Advanced SSL Encryption

Search Encrypt uses SSL certificates to protect sensitive information, as well as your browsing activity.

While many search engines promise forward secrecy, this isn’t always the case. Search engines that prompt you to log-in or use your email address often track your searches and link them to your email. They use this information to sell to advertisers to market to you more effectively.