SafeSwiss uses state-of-the-art asymmetric cryptography based on Elliptic Curve Cryptography (ECC) in general and on the ‘Box’ model of the NaCl Networking and Cryptography Library; to protect (encrypt and authenticate) messages between sender and receiver, as well as the communication between the app and the servers. SafeSwiss encryption code is open to independent audits.
There are two layers of encryption: end-to-end layer between the conversation participants, and an additional layer to protect against eavesdropping of the connection between the app and the servers. The latter is necessary to ensure that an adversary who captures network packets (e.g. on a public wireless network) cannot even learn who is logging in and who they are sending a message to.
The asymmetric keys used in SafeSwiss have a length of 256 bits, and their effective ECC strength is 255 bits.
The shared secrets, which are used as symmetric keys for end-to-end message encryption (derived from the sender’s private key and the recipient’s public key using ECDH, and combined with a 192 bit nonce), have a length of 256 bits.
The random symmetric keys used for media encryption are also 256 bits long.
The message authentication code (MAC) that is added to each message to detect tampering and forgery has a length of 128 bits.
Unlike the majority of other messaging providers, your identity in SafeSwiss is not dependent on you providing a phone number or email address. Every SafeSwiss user can choose their own SafeSwiss ID (when creating a new SafeSwiss account). This unique ID is your address in SafeSwiss – making it possible to use SafeSwiss with complete anonymity, with the option of not disclosing any personal information.
Your unique SafeSwiss ID is one of three key components that make up your identity in SafeSwiss. The other two components are a public key and a private key used for the encryption process. Your unique SafeSwiss ID is permanently tied to your public key. The public key is sent to our SafeSwiss secure servers to be distributed to your recipients, the private key remains securely stored on your device.
Many providers of secure messengers claim that their product encrypts the messages that users exchange. However, most of the server operators can still read the content of the messages due to the following reasons:
SafeSwiss uses state of art end-to-end encryption technology and enables users to verify the public keys of their conversation partners.
Lost SafeSwiss passwords cannot be recovered. However, you can reinstall the SafeSwiss app then set up a new SafeSwiss account (you will lose all saved messages as well as your SafeSwiss ID unless you have a backup).
If you activate your application protection PIN, but forget the PIN, you can type in an incorrect application PIN 10 times. This will automatically lead to the SafeSwiss login screen again, then you will need to type in your SafeSwiss ID and password to access the SafeSwiss messaging app. If you also forget you SafeSwiss Password, this cannot be recovered - see above.