CrypTalk ensures strong encryption for information exchange. The app provides encryption, authentication and perfect forward secrecy using standard, proven crypto-primitives: elliptic curve Diffie-Hellman key exchange and the AES256 block cipher on levels 1 and 2, as well as One Time Pad encryption on the 3rd level.

Goals set prior to the app production:

  • Mobile devices only
  • At least 256-bit security for entry level users
  • Military-grade security for demanding users
  • Proven, well known and publicly available crypto-primitives
  • User friendly

First Level

  • This level is intended for use in everyday situations, for users who need quick and easy-to-use crypto security.
  • There is no need for in-person contact between users prior to a private conversation.
  • Who you need to trust:
    • CrypTalk Server for basic authentication
    • Standard crypto-primitives (ECDH, AES with 256-bit key)
  • After going through the initial registration and receiving a unique identification key from the CT server, all further communication is secure.
  • End-to-end encryption. CT is unable to read your messages.

Second Level

  • Before communicating, one in-person contact between parties is needed. Users need to exchange identification keys. After that, an unlimited number of secure communication sessions is possible.
  • No need to trust CT, because the initial key exchange is performed locally.
  • Who you need to trust:
    • Standard crypto-primitives (ECDH, AES with 256-bit key)

Third Level

  • Military-grade encryption through One Time Pad, a provably secure cipher.
  • Before communicating, an in-person contact between parties is needed. Users need to exchange a long key generated by one of the users using random movements. After that, a limited (but not small) number of ‘brute force attack’ immune secure communication sessions is possible. In every session the long key is used for encryption and deleted immediately after, providing unbreakable security. At every moment the user is shown how much of the key length remains to be used.
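
The pad bookkeeping described for the third level (use each key byte once, delete it, report what is left), as an added sketch that is not CrypTalk's own code. The class and function names are hypothetical, the pad comes from `secrets.token_bytes` instead of user movements, and traffic flows in one direction only.

```python
import secrets


class PadExhausted(Exception):
    """Raised when a message needs more key bytes than the pad has left."""


class OneTimePad:
    """Hypothetical pad holder: each key byte is used once, then wiped."""

    def __init__(self, key: bytes):
        self._key = bytearray(key)  # long key exchanged in person
        self._pos = 0               # offset of the first unused key byte

    def remaining(self) -> int:
        """Key bytes still available, the figure shown to the user."""
        return len(self._key) - self._pos

    def _take(self, n: int) -> bytes:
        if n > self.remaining():
            # Never wrap around: reusing key bytes breaks the one-time pad.
            raise PadExhausted(f"need {n} bytes, {self.remaining()} left")
        chunk = bytes(self._key[self._pos:self._pos + n])
        # Overwrite consumed bytes so this object can no longer reveal them.
        self._key[self._pos:self._pos + n] = bytes(n)
        self._pos += n
        return chunk

    def encrypt(self, plaintext: bytes) -> tuple:
        """Return (pad offset, ciphertext); the offset keeps both sides in sync."""
        offset = self._pos
        ks = self._take(len(plaintext))
        return offset, bytes(p ^ k for p, k in zip(plaintext, ks))

    def decrypt(self, offset: int, ciphertext: bytes) -> bytes:
        if offset != self._pos:
            raise ValueError("pad offset out of sync; refusing to reuse or skip key")
        ks = self._take(len(ciphertext))
        return bytes(c ^ k for c, k in zip(ciphertext, ks))


def demo() -> tuple:
    shared = secrets.token_bytes(64)  # constructed sample pad
    # One-way traffic only; two-way use needs a disjoint pad region per direction.
    sender, receiver = OneTimePad(shared), OneTimePad(shared)
    off, ct = sender.encrypt(b"meet at noon")
    return receiver.decrypt(off, ct), sender.remaining(), receiver.remaining()
```
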

CTS (CrypTalk Server)

Trusted authority for level 1 and user management for all three levels.

The server keeps a contact list for every user, the user's unique ID, and a one-way hashed telephone number.

In case the CTS is compromised, only the first level of security is threatened (whereas already established levels 2 and 3 remain secure).