-
Notifications
You must be signed in to change notification settings - Fork 5
Encryption
The current encryption model in the Android client uses simple PGP encryption enforced by a Message/CPIM data structure. This can protect users from the most basic attacks, but unfortunately will not guarantee forward secrecy or plausible deniability (expected for a future release).
The Message/CPIM format was chosen mainly for its adoption in the end-to-end encryption specification RFC 3923 that has been used in Kontalk since version 3.0.
Messages on device storage are not encrypted.
For most users, basic asymmetric encryption would be enough, however, forward secrecy is an important feature that any messaging software should have.
We haven't decided what method we will use yet, but most probably a derivative of OTR.
On-device storage will be encrypted too.