Encrypted Messenger SafeUM is a truly secure app. We developed several encryption schemes and algorithms that provide high cryptographic security level.
How are security keys generated in SafeUM? When you first log in the app, you can generate Public and Private encryption keys based on the Passphrase. A passphrase is a set of words or symbols known only to you.
A passphrase is never transmitted to our servers and not stored on your device. Be sure to remember your Passphrase, otherwise you will never be able (and no one can) get access to the history of your encrypted chats. Only the copy of your Public key is stored on our servers, as it's needed for authentication and verification of your interlocutor. Your private key is never sent to SafeUM servers, it's located in the RAM of your device and erased when you reboot or turn off your device.
If your interlocutor changes his security keys, you'll get a notification and will be able to decide whether or not to continue communication. If you decide to make an additional check of your interlocutor Security keys, you can also use the function "Key Verification by QR code".
Generating the keys in this way (secret passphrase) allows you to create a secure chat without being tied to a specific device (computer, tablet, phone).
How are messages encrypted? An International team of programmers and cryptographers designed a unique hybrid encryption system. EVERY SINGLE message of your chat is encrypted with unique encryption keys. In order to decrypt the chat, one will have to decrypt each message. So, it will take decades to decrypt only one chat.
Secure group chats. SafeUM lets you easily create an encrypted group chat. It's a Moderator, who creates a group, manages settings and sets the privacy policy. Other secure group chat participants don't have access to settings of the chat.
Messages and files are sent to online and offline contacts. Participants can leave/delete group at their discretion. If a contact leaves a group, he'll have access only to the history of the chat in which he participated. If the group is deleted, it disappears from the contact list as well as its history. If someone in the secure group changes the encryption key, other members will be notified. It allows us to identify an authenticity of the contacts.
P2P is a technology that easily solves data protection issues. P2P mode provides direct data transfer between users bypassing our servers. We, as developers, don't have access to the info.
"Man in the middle" attacks are technically impossible because the transfer channels are unknown to the attacker.
Apart of reliable encryption, SafeUM also guarantees sender authenticity and data integrity by implementing digital signature mechanism.
Using P2P you can rest assured that your calls and video calls are under reliable protection. No leaks.
Classical scheme of info transmitting, developed by our programmers, is secure as well. Users communicate though our servers, whereas the info transmitted is encrypted with unique encryption keys.
Encryption algorithms used in SafeUM. We created a hybrid system with all the algorithms combined into a single mechanism to protect your personal data and communication.
Direct dynamic AES key generation scheme excludes data decrypting by third parties if the communication channel is intercepted. Use of ElGamal Elliptic Curve Cryptosystem with a key length of 256 bits provides high cryptographic security level. It'll take several decades and all the computing power of the globe to decrypt each of your messages.
AES (Advanced encryption standard) * - block cipher with CBC mode used, key length is 256 bits. Government Compliance document - FIPS 197 (USA Federal Standard).
SHA-2 (Secure Hash Algorithm) - hash function, block length is 256 bits. Government Compliance document - FIPS 180-4 (latest revision).
PRNG (Pseudorandom Number Generator) - generates a pseudo-random sequence of numbers for cryptographic use. Regulatory document - ANSI x9.17.
Encryption and EC digital signature (ElGamal EC, ECDSA). Regulatory documents X9.63-2001; Public Key Cryptography for the Financial Services Industry - Key Agreement and Key Transport Using Elliptic Curve Cryptography; FIPS PUB 186-4
El Gamal Public-key encryption (Elliptic Curve Cryptography)
Redis – in-memory database that does not use the hard drive to store information.
Mathematical model.
Data transfer between clients and server:
To provide the secure data transfer between client and server, WSS is applied (Websocket Secure over TLS v2.0)
For data transfer and storage, the AES encryption is applied (256 bits key in CTR mode of operation).
Elliptic Curves ElGamal asymmetric encryption is used to provide the keys transfer from user A to user B (the Galois Field size - 256 bits. The field is GF (p) ).
Details:
- the key for each message is generated at random;
- the message or file is encrypted by 256-bit AES in CTR mode of operation;
- the key is transferred in the same cryptographic container using EC ElGamal Encryption;
- the user authority and message integrity is provided by ECDSA;
- each message is transferred with the digital signature;
- for Elliptic Curves Asymmetric algorithms the key size is 256 bits.
Each message is encrypted by some randomly generated AES key, which we considered as X in the algorithms above. Also, for each message the AES IV is generated correspondingly.
So, we have the hybrid system, where the AES symmetric algorithm is used for encryption, and EC ElGamal is used for key transport.
Кеу transport description:
Elliptic Curve: y^2 ≡ x^3 – ax +b (mod p) over GF(p), EC-256 according to FIPS 186-4
Stage 1. Keys generation and calculation. Let x – private key, generated at random, Y = x * P where P is the base point. The private key is bind to the username, user's password, and some additional data. It is unique for each user.
Stage 2. Message Encryption. Let X – some plain data, X < p; X != 0; X!=1;Calculatesomekatrandom, Cb=k*P,Сs=k*Y,с=Cs.X–the abscissa of Cs; Calculate the cryptogram: M1 = Cb, M2 = ( c * m ) mod p;
As a result: Cg = { M1, M2 } = { Cb, cm mod p };
Stage 3. Decryption. Ct = x * M1 = x * Cb;
c' = Ct.X() - the abscissa of Ct;
m is restored as m = ( M2 / c' ) mod p; where the division is considered ad the multiplication on multiplicative inverse of c.
Also, the data integrity and the user authentication is provided. It is implemented by using of the ECDSA, according to the FIPS 186-4 specification. So, each message is encrypted using AES in CTR mode of operation, key length is 256 bit. The AES key is transferred, using EC ElGamal algorithm, and each message is signed using ECDSA digital signature.
The encryption data formats:
- the encrypted data is transferred using JSON formats, RFC 4627
- base64 format (RFC 1421 и RFC 2045)
- the data transfer between client and server is provided using
- WSS (Websocket Secure over TLS v2.0) RFC 6455
- the media data is transferred using SRTP (RFC 3711)
Data exchange protocols and the application:
- TCP, RFC 793 / STD 7 is used as the transfer protocol for WebSockets
- UDP, RFC 768 is used as data transmission carrier for media data
- Base64 (RFC 1421 и RFC 2045) is used to pack the binary data for transferring between clients, and between client and server. Also, the encrypted binaries are packed as Base64
- JSON is used to pack the string data for transferring between clients, and between client and server. Also, the encrypted strings are packed as JSON
- TLS v2.0 (SSL v3.0) is used as en encryption transport layer for WebSockets
- UDP (WEBRTC) WebRTC is used for audio and video communication
- SCTP (WEBRTC) Is used for audio and video communication
- HTTPS (HTTP Secure over TLS v2.0) Is used for the user authorization and access control on control panels
- WSS (Websocket Secure over TLS v2.0) Is applied to provide secure exchange between client and server
- ICE (Turn, Stun) Is used for NAT traversal in LAN, and to provide P2P communication
- SRTP (RFC 3711) Is used for audio and video communication between clients.
Axarhöfði 14,
110 Reykjavik, Iceland