How Cyphr Works

Our Design Goals

Cyphr is a secure messaging application. Its principal design goals include:

  • Communication must be as easy as possible

    Ideally, the application is as easy to use as any normal unencrypted messaging app. The points where encryption is required should not burden the user with extra knowledge or activity except where absolutely necessary.

  • The user can make informed choices about their level of privacy and security

    If a feature is introduced that requires information to be shared, the user can optionally disable that feature. This gives the user control over their experience and allows them to tailor the app to their own desired trade-offs between security and functionality.

  • Golden Frog has zero knowledge of the message content

    Message data is always encrypted so that only the sender and the recipient can view it. No one in between, including Golden Frog's own servers and network devices, can read the content.

  • Golden Frog stores only the minimum amount of metadata necessary to help transmit message content

    To send and receive messages through Golden Frog's systems, certain metadata must be known. In addition, by the nature of the way the Internet works, other metadata has to be known. Golden Frog stores only the metadata necessary to deliver the message to its final destination, and it only stores metadata long enough to guarantee that delivery.

Encryption Technologies Explained

Symmetric Key Encryption

A key is like a password that can be used to unlock a safe. To encrypt a message, the sender puts the message in the safe, and then locks the safe with the key. Once the safe is closed, no one can read the message unless they have the key. The recipient uses a key to open the safe, and pull the message out. This is decryption.

With symmetric key encryption, both the sender and recipient have the same key. They have to share the key with each other, which means they have to trust each other. Symmetric key encryption is generally preferred because it's faster, but because two people have the same key, you can never be sure that the other party hasn't shared the key.

Public Key Encryption

With public key encryption, two keys are used - a public key and a private key. The sender uses the recipient's public key to open the recipient's safe just far enough to put a message in. The public key can be used only for depositing messages, so even though the safe is "open," the sender can't access anything inside: the safe has a one-way opening. In other words, the sender uses the recipient's public key to encrypt the message. To read the message, the recipient uses his private key to open the safe; the private key is what allows him to pull messages out. We call it the private key because only the recipient has access to it, and because it only opens the recipient's safe, we can be sure that the message can only be read by the recipient. Thus, the recipient uses the private key to decrypt the message.

The public key and private key are related by some very complex math that allows this to work. The important thing is that with this method, as long as the sender knows the recipient's public key, the sender can send messages that he knows only the recipient (or someone holding the recipient's private key) can read.

Public Key Verification (Signing)

Using the same keys as those used for encryption, the sender can stamp his messages in such a way that he proves he sent them. In this case, the sender stamps the message with his own private key. When the recipient receives the message, he can look up the sender's public key, and the public key will line up with the stamp from the sender, proving that the sender, and only the sender, sent the message. We call the stamp a signature, and we call the process of lining up the stamp verification.

With this method, a sender can prove to the recipient that they sent the message. This prevents someone from masquerading as someone else and sending false messages.

Message Transmission Process

Cyphr marries the encryption concepts mentioned above to produce an end-to-end encrypted solution. When someone sends a message to someone else, the message is encrypted on the sender's device (phone, web browser, computer, etc.) and is not decrypted until it reaches the recipient's device. The process of sending a message at a high-level is:

  1. The sender signs his message with his private key so the recipient can know he sent it
  2. The sender creates a one-time throwaway key
  3. The sender encrypts the message and signature with the one-time key
  4. The sender looks up all of the recipient's public keys
  5. The sender encrypts the one-time key with each recipient's public key
  6. The sender signs the encrypted one-time key with the sender's private key so the recipient knows he created it
  7. The sender sends both the encrypted key and the encrypted message to the recipient via Golden Frog's Cyphr servers

All of this work is done on the sender's device, so Golden Frog doesn't have access to the original message. Because the message is encrypted by a symmetric key Golden Frog does not have, Golden Frog cannot decrypt the message. Because the symmetric key is encrypted by each recipient's public key, only the recipients can access the key needed to decrypt the message. At this point, Golden Frog is storing encrypted data that can't be decrypted until a recipient reads it.

The process of receiving a message is:

  1. The recipient downloads the encrypted key and encrypted message from Golden Frog's Cyphr servers
  2. The recipient uses his private key to decrypt the encrypted symmetric key
  3. The recipient uses the symmetric key to decrypt the encrypted message
  4. The recipient looks up the sender's public key
  5. The recipient uses the public key to verify the message and the encrypted symmetric key were sent by the sender

All of this work is performed on the recipient's device, which is the only place the private key lives. As long as the device is secured properly, only the recipient can read the messages. Even if someone else were to download the message, they wouldn't have the recipient's private key and so they could not read the symmetric key. Without the symmetric key, someone else cannot read the encrypted message.
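The sending and receiving procedures above, worked through in code as an added example. This is not Cyphr's own code, which the page does not show; it is a stand-alone Go program using only the standard library, and it also exercises the symmetric key, public key and signing ideas from the earlier sections in one place. Everything beyond the page's description is an assumption: the names `Send`, `Receive`, `Envelope` and `WrappedKey`; device IDs as the way "all of the recipient's public keys" are told apart; RSA-OAEP and RSA-PSS over SHA-256 as the concrete RSA modes; and AES-256-GCM as the concrete AES mode (the page names only RSA and 256-bit AES).

```go
package main

import (
	"crypto"
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"fmt"
)

// WrappedKey is the one-time key encrypted to one recipient device (step 5) and signed by the sender (step 6).
type WrappedKey struct {
	Ciphertext []byte // RSA-OAEP(one-time AES key) under the device's public key
	Signature  []byte // RSA-PSS over Ciphertext, made with the sender's private key
}
// Envelope is everything the relay ever sees; nothing in it opens without a recipient device's private key.
type Envelope struct {
	Nonce      []byte                 // 12-byte AES-GCM nonce
	Ciphertext []byte                 // AES-256-GCM(message signature || message)
	Keys       map[string]*WrappedKey // one wrapped copy per recipient device ID (assumed naming)
}
func digest(b []byte) []byte {
	h := sha256.Sum256(b)
	return h[:]
}
// newGCM builds AES-256-GCM for a one-time key.
func newGCM(key []byte) (cipher.AEAD, error) {
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	return cipher.NewGCM(block)
}

// Send runs sending steps 1-7 on the sender's device. recipientPubs stands in for
// the key lookup of step 4: one public key per device the recipient owns.
func Send(senderPriv *rsa.PrivateKey, recipientPubs map[string]*rsa.PublicKey, message []byte) (*Envelope, error) {
	// Step 1: sign the message with the sender's private key (RSA-PSS over SHA-256).
	msgSig, err := rsa.SignPSS(rand.Reader, senderPriv, crypto.SHA256, digest(message), nil)
	if err != nil {
		return nil, err
	}
	rnd := make([]byte, 32+12) // step 2: a fresh 32-byte AES-256 key, followed by a 12-byte GCM nonce
	if _, err := rand.Read(rnd); err != nil {
		return nil, err
	}
	oneTimeKey, nonce := rnd[:32], rnd[32:]
	aead, err := newGCM(oneTimeKey)
	if err != nil {
		return nil, err
	}
	// Step 3: signature and message are encrypted together, so the relay sees neither.
	// The signature is exactly the RSA key size in bytes, so the recipient can split it off again.
	env := &Envelope{Nonce: nonce, Ciphertext: aead.Seal(nil, nonce, append(msgSig, message...), nil), Keys: map[string]*WrappedKey{}}
	for deviceID, pub := range recipientPubs { // steps 4-6, once per recipient device
		wrapped, err := rsa.EncryptOAEP(sha256.New(), rand.Reader, pub, oneTimeKey, nil)
		if err != nil {
			return nil, err
		}
		keySig, err := rsa.SignPSS(rand.Reader, senderPriv, crypto.SHA256, digest(wrapped), nil)
		if err != nil {
			return nil, err
		}
		env.Keys[deviceID] = &WrappedKey{Ciphertext: wrapped, Signature: keySig}
	}
	return env, nil // step 7: the envelope is what is handed to the relay
}

// Receive runs receiving steps 2-5 on one recipient device, given the wrapped key that device
// downloaded for itself. senderPub stands in for the sender key lookup of step 4.
func Receive(recipientPriv *rsa.PrivateKey, wk *WrappedKey, senderPub *rsa.PublicKey, env *Envelope) ([]byte, error) {
	// Step 2: only this device's private key recovers the one-time key.
	oneTimeKey, err := rsa.DecryptOAEP(sha256.New(), rand.Reader, recipientPriv, wk.Ciphertext, nil)
	if err != nil {
		return nil, fmt.Errorf("cannot unwrap one-time key: %w", err)
	}
	aead, err := newGCM(oneTimeKey)
	if err != nil {
		return nil, err
	}
	// Step 3: decrypt; GCM rejects the message if the relay altered even one byte.
	plain, err := aead.Open(nil, env.Nonce, env.Ciphertext, nil)
	if err != nil {
		return nil, fmt.Errorf("message ciphertext rejected: %w", err)
	}
	// Step 5: nothing is returned until both the wrapped key and the message verify against the sender's public key.
	if err := rsa.VerifyPSS(senderPub, crypto.SHA256, digest(wk.Ciphertext), wk.Signature, nil); err != nil {
		return nil, fmt.Errorf("wrapped key not signed by sender: %w", err)
	}
	if len(plain) < senderPub.Size() {
		return nil, fmt.Errorf("plaintext shorter than one signature")
	}
	msgSig, message := plain[:senderPub.Size()], plain[senderPub.Size():]
	if err := rsa.VerifyPSS(senderPub, crypto.SHA256, digest(message), msgSig, nil); err != nil {
		return nil, fmt.Errorf("message not signed by sender: %w", err)
	}
	return message, nil
}
```

To use it, generate an RSA key pair per party with `rsa.GenerateKey(rand.Reader, 2048)`, call `Send` with the sender's private key and a map of the recipient's device public keys, hand the returned `Envelope` to the relay, and on a recipient device call `Receive` with that device's private key, its own entry from `env.Keys`, and the sender's public key. Three failure modes fall out of the design: a party without the device's private key cannot unwrap the one-time key, a relay that alters the stored ciphertext is caught by the AES-GCM authentication before any signature is checked, and an envelope whose signatures do not line up with the claimed sender's public key is rejected rather than shown to the user.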

Other Considerations

In addition to the use of the message transmission process above, Cyphr also implements the following:

  1. When a recipient reads a message off the server, their copy of the message is deleted from the server
  2. Where possible, message history on the device is encrypted using locally available encryption options
  3. When storing messages for delivery, the Cyphr servers only store time received and recipient metadata (data about the sender is not stored as it is not necessary)

More Specifics

  1. The 30-year-old, proven RSA algorithm is used for both public key encryption and verification
  2. 256-bit AES encryption is used for the symmetric message encryption
  3. TLS is used for secure transmission of the encrypted message data to and from Cyphr servers
  4. Cyphr servers are located in Zurich, Switzerland, where they conform to Swiss privacy laws