Tunneling With Unique Addresses
For Enveloperty users, any legal character before the @ makes a valid email address, providing a virtually infinite supply of email addresses for use. This way users can fundamentally mold the characteristics of their system. Utilizing the 64 legal characters available in an email address results in 1e+100, or a googol, of possibilities!
The most common naming scheme is human-readable and descriptive, so an email address for Target might be target123@. It is very important to include numbers! The numbers make it virtually impossible to guess an address in the first couple of tries. After the first couple of tries, Enveloperty blocks the attacking connection.
Infinite unique addresses in and of themselves aren't useful. What makes the system useful is the folder system. The user will create folders based on common themes, priority or something else entirely. Unique tunnels will be channeled to a folder for organization. The folders can be imbued with certain permissions. A common permission is to interrupt you in the form of a notification.
The folder system is meant to make sure you're only bothered by the email you want, when you want it. This fits very well with an inbox zero approach. The inbox folder is for email that needs to be dealt with immediately, and it notifies you. The rest of the email is stored a click away in contextual folders. This keeps you focused, without worrying or needing several searches to find an email!
An enormous part of security isn't necessarily being able to defeat an attacker, but having the perception that it isn't worth it. The strength of many systems is the perception of their strength and the understanding of immediate immense consequences for trying.
The active defense mentality Enveloperty holds is meant to deter attackers so that they do not want to try in the first place, rather than only defending against an attack. The shadow banning tactic communicates to attackers that, for far fewer resources, they can get a much better reward attacking someone else.
It's common knowledge that password reuse is bad. Most people realize that at least one account's credentials have been breached, so those credentials will be programmatically tried against popular websites. With Enveloperty unique addresses, users won't have the same address logged with any two websites or services. This disrupts credential stuffing further than just using different passwords!
Another possible naming scheme is a cryptographic number set. This can be as simple as button smashing and copy-pasting into the contact book, or as sophisticated as cryptographic frequency hopping: moving from calculated address to calculated address, presenting a formidable defense.
For whatever reason, there is a fox in the hen house. Now what can Enveloperty do? The first benefit of Enveloperty in this situation is the attribution unique addresses provide. The response team can see what authorization token the bad email used to get in. A chain of custody can be started from that sender.
Furthermore, once the breach is identified, the organization can lock out the compromised account by nullifying the access token, inhibiting the attacker's horizontal movement through the organization.
Security Through Trust Simplicity
A no-trust system is an expensive system. The way Enveloperty works is that users trust certain senders per unique address. So when an email comes in with a certain authorization token, aka the unique address, the sender had better be authorized to possess that token. Otherwise we classify that email as phishing.
The definition of phishing varies widely depending on who you talk to. Enveloperty classifies phishing as any email using authorization it isn't supposed to. The goal of the sender could be malicious or not; until proven otherwise, they are viewed as a threat. This is necessary because of the plethora of opportunities bad actors have, from installing malware to hijacking browsing data or stealing credentials.
Enveloperty responds to all outside traffic with a success message. When success and failure look the same, an attacker cannot iterate. Otherwise attackers could brute force mailboxes until they received a success message.
Primarily, this tactic is to deter attack. However, this approach can also eat up attacker talent and resources, making them unavailable for other targets, because attackers can devote infinite resources with the same non-result, while incurring a disproportionately minimal cost to the host.
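The sender-per-address check, the block after a couple of wrong guesses, and the uniform success reply can be sketched as follows. This is an added example, not Enveloperty's code: the addresses, the `Gateway` class, the `MAX_MISSES` threshold and the `250 OK` reply are all assumptions, and the sender identity is assumed to have been authenticated before it reaches this check.

```python
from collections import defaultdict

# Constructed sample data: unique address (the authorization token) ->
# senders trusted to use it, and the folder that tunnel is channeled to.
TUNNELS = {
    "target123@example.test": {"senders": {"receipts@target.example"}, "folder": "Shopping"},
    "bank8841@example.test": {"senders": {"alerts@bank.example"}, "folder": "Inbox"},
}
MAX_MISSES = 2            # assumed value for "the first couple of tries"
UNIFORM_REPLY = "250 OK"  # assumed reply; every outside connection sees the same one


class Gateway:
    """Hypothetical mail gateway: the verdict is logged internally, never returned."""

    def __init__(self, tunnels):
        self.tunnels = tunnels
        self.misses = defaultdict(int)  # wrong-address guesses per connecting IP
        self.blocked = set()            # shadow-banned connections
        self.log = []                   # (peer_ip, sender, rcpt, verdict) for responders

    def receive(self, peer_ip, sender, rcpt):
        verdict = self._classify(peer_ip, sender.lower(), rcpt.lower())
        self.log.append((peer_ip, sender, rcpt, verdict))
        return UNIFORM_REPLY            # success and failure look identical outside

    def _classify(self, peer_ip, sender, rcpt):
        if peer_ip in self.blocked:
            return "dropped:blocked"
        tunnel = self.tunnels.get(rcpt)
        if tunnel is None:
            # Guessing an address that does not exist counts against the connection.
            self.misses[peer_ip] += 1
            if self.misses[peer_ip] >= MAX_MISSES:
                self.blocked.add(peer_ip)
            return "dropped:unknown-address"
        if sender not in tunnel["senders"]:
            # Valid token, unauthorized holder: phishing by the page's definition.
            # Recording the token gives the attribution needed to nullify it.
            return "phishing:" + rcpt
        return "delivered:" + tunnel["folder"]
```

The `log` entries are what a response team would read to see which token a bad email used; nothing in the reply to the sender reveals the verdict.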