Encryption conventions permeate every part of the Internet. There are many different protocols, each with its own merits and, in some cases, vulnerabilities. Despite providing end-to-end encryption, the policies and practices of popular free apps can put your reputation at risk.
- Facebook wants to use homomorphic encryption to monetize WhatsApp and Messenger user data
- Telegram actively shares user data with government agencies and censors content
- Viber has various security and privacy issues
Myntex Inc. engineered our most secure mobile solution, ChatMail, to be the best in the world. We prove our encryption with live data extractions for enterprise organizations and we are the only encrypted phone provider to do so.
ChatMail’s Advanced Message and Parsing protocol, known as CAMP, protects users of our encrypted phones across multiple layers. The reasons behind our decision to incorporate the custom cryptographic algorithms we use are the focus of this exposé.
Parsed Messaging Encryption
Myntex designed ChatMail with privacy in mind, utilizing multiple encryption algorithms. PGP, which stands for Pretty Good Privacy, is the system we use to relay encrypted external email. We were the first to parse PGP. Our parsing algorithm takes encrypted email and displays it in an easy-to-read message bubble to look like a chat message. That’s why we named it ChatMail. It is the only system to automatically identify both internal and external users. Internal users default to elliptic curve encryption and external users default to PGP. ChatMail’s Unified User Interface displays internal email in blue and external email in grey. The algorithm used is shown in each individual message.
Our default system uses the strongest encryption protocol available, safeguarding you and your data. Internal ChatMail clients use high-speed, state-of-the-art Diffie-Hellman Elliptic Curve25519 cryptography, with optional fallback to PGP. External users are PGP by default.
True End-to-End Encryption
Combining the most reliable algorithms in cryptography, our CAMP protocol ensures customer privacy with leading-edge security. The choice to use Elliptic Curve Cryptography for E2E encrypted messaging was for privacy.
Encryption begins on the sending device using ECC 25519, so that even if the recipient is not using the phone to accept the message promptly, it will remain encrypted in a delivery queue and cannot be decrypted or read until downloaded on the receiving end. Your data is never stored in plain text.
We use message encryption by default. Our customers cannot send or receive unencrypted messages. Users’ voice messages, pictures and notes are always encrypted. With ChatMail, your content is encrypted in transit and at rest, and is stored only on your device.
ChatMail key exchange for encrypted calling works with the Zimmermann Real-time Transport Protocol. With ZRTP, parties verbally confirm matching shared codes to ensure calls are private and have not been intercepted. Secure RTP protects ChatMail encrypted calls from eavesdropping.
Transport Layer Security is used to configure encrypted calling traffic. Our encrypted calling uses ECDHE X25519 (the last “E” stands for “ephemeral”, which is suited to mobile devices as it is faster) with TLS 1.2 ciphers. This keeps calls and messages private and secure by removing them from prying eyes on the public internet.
ChatMail features tamper-proof hardware and encryption that experts consider to be quantum-proof:
- Hash: SHA-384 – our Secure Hash Algorithm transforms cryptographic keys with an output of 384 bits, providing unbreakable protection against key length extension attacks
- Cipher: AES-256 – the algorithm used to perform encryption or decryption is called a cipher and AES-256, also referred to as Military-grade encryption, is the Advanced Encryption Standard adopted by the U.S. government to protect classified information
- SAS Rendering: B256 – SAS stands for Sharing a Secret, and we use it with the PGP word list to convert strings of code into simple phrases used for authenticating encrypted calls, thereby preventing Man-in-the-Middle attacks, while B256 indicates the key size in bits
- Auth Tag: HS80 – an Authentication Tag in ZRTP confirms each encrypted audio frame sent over an SRTP channel and HS80 is an 80-bit tag, which is preferred for security purposes
- Key Agreement: X25519 – encryption is performed by keys and the key size for ECDHE X25519 is 256 bits, which provides forward secrecy as an extra layer of protection against hackers, so that if one message was ever compromised, it would not affect the security of future messages
The Importance of Server-Side Security
Our data center acts as a delivery system for mobile solutions. We do not store any sent or received messages on our servers. Therefore, we also do not keep a roster. A roster is a list of contacts associated with clients for apps that retain messages on their server. Even if the company says they delete messages after 24 hours, it will leave a roster of contact information. When you delete a message from ChatMail, since there is no server storage there is no record of it.
Companies that delete messages older than 24 hours do not delete message threads and they often contain weeks’ worth of confidential communications. For example, Telegram notes in its policy, “We store messages, photos, videos, and documents from your cloud chats on our servers so that you can access your data from any of your devices anytime without having to rely on third-party backups.”
Myntex removes the need for local server storage with our CAMP protocol. ChatMail is the only encrypted mobile solution supported by a private data center. Encryption protocols are irrelevant if the server has a backdoor or if user data is shared with marketers, governments, or other entities.