
Encryption Format

Encryption is a very difficult thing to get right. We won't go into the depths of why, but in any cryptography course one of the first rules they drill into your head is "don't roll your own crypto." See this StackExchange post for more information.

With that in mind, we evaluated numerous cryptographic schemes to find one that would meet our rather unique needs. We had to consider the unique challenges of our network, which meant:

  • Bandwidth is limited, so we need to keep messages small and key exchanges as infrequent as we realistically can (or vary their frequency based on medium/bandwidth). This means as little overhead as possible on keys and encrypted packets while still maintaining security and forward secrecy.
  • We need to support a wide variety of devices, so our encryption scheme must work across that whole range.
  • Similarly, we need our encryption scheme to be lightweight enough to run on low-power devices without draining the battery, while still resisting cracking by high-power devices.
  • We cannot guarantee message ordering, so we need to ensure that our encryption scheme can handle out-of-order messages.
  • We need to be immune to replay attacks, so we need to ensure that our encryption scheme can handle messages being sent multiple times.
  • Due to our mesh nature and relay nodes, we need to ensure that our encryption scheme can handle messages being sent through nodes that may be compromised or malicious. This means that man-in-the-middle attacks should not be possible.

While we would still like to pursue a post-quantum secure encryption scheme, we have not yet found one that meets all of our needs – especially the need for low overhead. Since we are using Signal's X3DH (Extended Triple Diffie-Hellman) protocol, in the future we may be able to switch to their PQXDH (Post-Quantum X3DH) protocol, which is designed to be post-quantum secure.

Signal Protocol

We are using the Signal protocol for our encryption. The Signal protocol is a well-known and well-tested protocol that is used by the Signal app, WhatsApp, and many other messaging apps. It is designed to be secure, private, and forward-secure, and is widely considered to be one of the best open encryption protocols available.

Rather than attempting to outline the Signal protocol here, we recommend reading the Signal Protocol Overview on the Signal website. This will give you a good overview of how the protocol works and why it is considered to be secure, without us accidentally misconstruing any of the details.

For now, we provide no further information on our encryption scheme, because we are attempting to use the Signal protocol as-is. In the future, we may need to modify the protocol to meet our unique needs, but we will keep using it unmodified until we have a better understanding of our needs and of the protocol itself, and can get a proper security audit.