Security in Crypho

Download security whitepaper

Download the Crypho security whitepaper in PDF format. No registration necessary.

Security Overview

Crypho uses several layers of protection to provide privacy and security. All data should be end-to-end encrypted without Crypho or anyone else having access to the encryption keys. There should be no way for Crypho or a third party to gain access to any of the data. Even if the data is intercepted, stolen or seized, it is worthless without access to the members’ keys.

Cryptography

Crypho uses several well known and battle-proven encryption algorithms and libraries to ensure privacy:

  • ECC Encryption The El-Gamal Elliptic Curve 384-bit prime curve is used.
  • AES We use authenticated AES with 256-bit keys in CCM mode.
  • Scrypt We use the standard scrypt algorithm with N=16384, r=8, p=1.
  • Randomness All random numbers/IVs/keys are generated by a derivative of the Fortuna algorithm found in the Stanford Javascript Crypto Library. The entropy generators are initialized with random numbers coming from the built-in strong cryptographic RNG of the browsers.
  • Crypto primitives All crypto primitives used by Crypho are based on the Stanford Javascript Crypto Library.

For an in-depth review of how Crypho uses cryptography for authentication, signing & encryption please see Crypho’s security whitepaper.

Authentication & two-factor-authentication

Crypho uses the Time-based One-time Password Algorithm (TOTP) for two-factor authentication. Upon registration the server generates a TOTP secret. The member can then choose to use SMS/text messages to receive TOTP tokens, or to generate them through Crypho’s mobile app.

Web app security

Regardless of the encryption mechanisms described above, all communications between the Crypho servers and web browsers or mobile applications are encrypted using HTTPS/TLS (Transport Layer Security). While this makes no difference to the privacy of the data transmitted (since they are end-to-end encrypted) it helps further safeguarding client-server communications and mitigate man-in-the-middle attacks.

Crypho pays close attention to security announcements on new vulnerabilities on the HTTPS/TLS protocols and adapts if necessary in a timely fashion.

To protect users from cross-site scripting attacks (XSS), Crypho’s web app uses Content Security Policies to declare approved sources of content that are allowed to run in the Crypho web application.

Mobile app security

User interactions such as entering a long passphrase can be a challenge on mobile devices given their small form factor. To solve this problem Crypho developed a secure storage mechanism that uses native device security when available and complements it with strong cryptography when necessary.

Thus we allow the member to authenticate without entering her passphrase every time, by cryptographically storing the her key pair on the device. The member can opt-out of this feature, in which case her passphrase will be required every time she uses the app. This is recommended in hostile environments.

To enhance security and transparency, Crypho has released its secure storage plugin as well as its scrypt implementation for mobile as open source software on Github.

Privacy, anonymity and metadata

Crypho protects the contents of your conversations and files you share by end-to-end encrypting them with keys that are only under your control. Crypho is not anonymous. It aims to keep your data private, while providing all of the features expected by a communication service.

For example, Crypho’s server is aware of when a new message is posted in a conversation and notifies users via the web or mobile notification system. Since Crypho does not have access to the contents of the conversations, it is impossible to include the content of the message in the notifications (which would’ve been a security risk in itself anyway).

Our servers have no knowledge of your message contents, but stores things like your email address, your telephone number, your contacts in Crypho, the IP addresses you use. Crypho also stores additional data such as the time you logged-in, or when a message was sent and by whom.

Crypho does not disclose any of this information or share it with third parties, except when needed in order to fulfill its operations.

Open Source software

Crypho is Open Source, so that both yourself and security experts can independently review the source code to confirm that it does what it should and does it the right way. This way the security community and can review Crypho continously, see that cryptography is used in the correct manner and that there are no back-doors or security holes.

Crypho’s source code on GitHub

Operational security/hosting

Crypho maintains strict policies on operational security. All our code is peer-reviewed for security before deployment and we maintain a large number of automatic tests that target security specifically.

No cloud services are used for hosting or storing of the user data. Crypho is hosted on dedicated servers in Norway in order to keep our infrastructure under strict control. All your data is protected by Norwegian law.

Responsible vulnerability disclosure

We perform regular security audits internally and communicate regularly with security experts globally. Our engineering team has strong security-related background and experience. However, no software is without bugs. If a security vulnerability is found, Crypho will disclose all information relating to the bug after it is fixed. We strive for transparency and trust.

Data ownership

All information exchanged using Crypho’s service is owned by the members participating in the conversation. Crypho does not not claim any ownership of this data. Our architecture additionally makes it impossible for us to decrypt and access it.