Sense Chat Encryption

This describes how encryption works in Sense Chat.

Sense Chat uses asymmetric end-to-end encryption (E2EE) ensure the security and privacy of messages in 1:1 chats and groups. Private encryption keys are generated and stored on the user's device only.

Sense Chat does not support decryption on multiple devices because the private keys are not exportable by the user or stored on any Sense Chat servers.

Encryption and Privacy

Encryption is a mathematical process by which a message that can be read by anyone (plaintext) is encoded into a secret that can be sent through any number of middlemen and not be read by anyone unless they have the private encryption key that can decode the secret message back into plaintext.

Encryption does not always mean users have privacy. In most messaging systems (for example email, Facebook Messenger, Instagram, Telegram) the messages are encrypted between your device and the server however, either the messages are stored unencrypted (plain text) or the encryption keys are stored on the same server essentially allowing unauthorized access. Even with strong encryption, unless they are using E2EE, then there are always places where messages can be decrypted into plaintext.

Messaging Encryption

E2EE means that only the communicating parties (sender and receiver) are able to read and/or modify the messages. It prevents any potential eavesdropping - including internet service providers, cell phone companies, or even Sense Chat employees and admins. Since no one has the private key for encryption, the messages look like gibberish.

For example, the plaintext of this messages might say "hello" or it might say "goodbye" or it could say "the brown fox jumps over the lazy dog " - it's impossible for anyone who does not have the encryption keys to be able to decode this message or even tell the length of the message.

MIIChwIBAzCCAj4GCSqGSIb3DQEHA6CCAi8wggIrAgECMYIB/DCB+wIBAqAKBAgSDAlQSS7MXjAFBgMrZXAEgeIwgd8CAQAwKjAFBgMrZXADIQD1y4kpy6kAZLYrj6YbIy8NIp7mwbaM/ZdwYG81nL58uDAYBgcogYxxAgUCMA0GCWCGSAFlAwQCAgUAMEEwDQYJYIZIAWUDBAICBQAEMCApyz8GXXn5zXHnXFX1Ko78rXW/Y5uvtSOugw5d7XLr4yPYxyMCQY1cFLUlsI3sJzBRMB0GCWCGSAFlAwQBKgQQGWrl4Wbj8xc+KvYzdy6oxQQwoRZHiprYxs7RsZHFwV/l3Py5kg5pAJkgSzSDZ7padswoDz/e6Q2iPn+Ae0HduXucMIH7AgECoAoECDwo1lKiw5PUMAUGAytlcASB4jCB3wIBADAqMAUGAytlcAMhAOe7Ce9gVCd4GWKrYWSDltuQWMUFsaEzuKQP1/3r3qVsMBgGByiBjHECBQIwDQYJYIZIAWUDBAICBQAwQTANBglghkgBZQMEAgIFAAQwB4BTL1jQ9bD56DfMurgn0G48stVs2nQHv4+dkv4SUoW5kR8JWIC5SrZ8V1pXbDdWMFEwHQYJYIZIAWUDBAEqBBAXp6JnqNFp7367yd7dCVCJBDDFla2yVC0WzlHtFg9WyZNU/UFEoUMO1d9JgEJBPOAMu1xX45Yg+SiMs5ZuaQfGlTswJgYJKoZIhvcNAQcBMBkGCWCGSAFlAwQBLgQM53d8ekqeIW+J/IYeoQ8wDQYLKoZIhvcNAQkQAx6iHzAdAgEAAgIAoKAUMBICAQAwDQYJYIZIAWUDBAIDBQCjDjAMBgorBgEEAYOsGwEDE9jD1LuxrGhyDcTKnnkD9ToCSuzC2SXds/5AzG/DO2wu6PpSKFNYaJYfpH1HzqqXeGjfEw2iqsw+atdRi2xRVy8SA6W84fhpkPlZ6ywN3YlI8oQSK/Xs1W/aqsMTHjoKfoLLYY+aQR0tHarpIw6LSWqi3bXTsfKNLsu/oa0jyS3lFKhh2caUrC9vddLWjr1Fq89vu+uR266VA2PH0nxykjvu4JGZkHWZbzISDQg4hm2YgWkuLohvp+kOGfQp8m9y0Urm+Zio/k/Qyc6STc7e6oIFIu0DGF0B+kn4ZC+Zg1slSSP4dPSu1zwPDOrQme/txw/YpDCSDDeND/JZKEoGzen8PyUpaGrLqSalSFUEjGEeYCNzA+DY5XnRt+bEXxo0Yw==

Sense Chat stores a catalog of public keys connected to each user's account. Each account has many public keys, the keys are ratcheted and provided from the Sense Chat application on each user's device.

Each Sense Account (SenseID) is an address. Any Sense Chat user can lookup the address and the key used to send an encrypted message, but only the owner of that SenseID has the keys to open the mailbox and decrypt the mail.