Documentation
Encryption Standard
What we publish about cryptography — primitives, assignments, and boundaries.
1. Identity & Signing
- Node identity signatures: Ed25519 (RFC 8032).
- Key agreement: X25519.
- Vault-derived root — see KCEP.
2. Messaging
KSMP uses extended triple Diffie-Hellman with a double ratchet for forward secrecy. AEAD protects payload confidentiality and integrity. Session state is device-local; the relay stores ciphertext only.
3. KSMP v3 Transport
KSMP v3 adds server-monotonic sequencing and tickle-only push. Cryptographic layer unchanged; delivery semantics evolved.
4. Attachments & Media
- Attachments encrypted client-side before upload.
- Content keys carried inside message plaintext.
- Voice/video: KVCP with SRTP media plane.
5. Post-Quantum Readiness
Protocol version headers allow hybrid classical/post-quantum migration when standardized algorithms mature. We do not publish migration schedules or hybrid parameter sets in advance.
Withheld Material
KDF paths, ratchet window sizes, prekey batch parameters, and anti-downgrade bitmask layouts are implementation detail — not published to reduce adversarial optimization.