Technology

CryptoCult and all of its products rely exclusively on certified cryptographic mechanisms. All communication is carried over the Internet in encrypted form, so there is no risk of usable information being disclosed to third parties, even to an eavesdropper on a public Wi-Fi network.

Network communication

All of CryptoCult's communication runs over the Internet. For traffic control (i.e. establishing and terminating voice calls, signaling contacts' availability, and delivering text messages), the Session Initiation Protocol (SIP) is used. The connection between the clients and the SIP server, which can be likened to a switchboard, is secured using the Transport Layer Security (TLS) protocol.

Voice calls

Security of voice calls is ensured by the Secure Real-time Transport Protocol (SRTP), which protects against eavesdropping, data modification and replay of captured data. Data are encrypted using the AES-256 cipher and their integrity is verified using an HMAC-SHA1 message authentication code. The ZRTP protocol is used to exchange the master key from which the keys used for actual encryption and verification are derived.

The main advantage of the ZRTP protocol is that it requires no shared secret known to both parties beforehand for their mutual authentication. As a first step, a Diffie-Hellman key exchange is used, which establishes a shared secret while communicating over a public channel.

To protect against a man-in-the-middle attack, an attack in which the attacker actively enters the communication and impersonates each party to the other, the parties must verify after the key exchange that they both obtained the same shared secret. If an attacker has entered the communication, the keys obtained by the two parties will differ.

A four-letter code derived from the key, called the Short Authentication String (SAS), is used for this verification. Both parties read the code aloud and compare it at the beginning of a call. If the parties have a history of calls, an additional layer of protection is provided by incorporating information derived from previous sessions.

All keys used during a call are destroyed when the call is terminated. Captured encrypted data therefore cannot be decrypted afterwards, even if one of the communicating parties is forced to cooperate with the attacker.

Text messages

Text messages are secured according to the OpenPGP standard. OpenPGP is based on asymmetric cryptography. Every user has a key pair consisting of a public and a private key. As the name suggests, the public key is to be published. Any user can then use this public key to encrypt a message which only the holder of the private key will be able to decrypt.

CryptoCult's implementation of the OpenPGP standard supports the RSA cipher for all operations, i.e. encryption, decryption and signing of messages, the ElGamal cipher for message encryption, and the Digital Signature Algorithm (DSA) for message signing. A wide range of symmetric ciphers used for protecting the message content itself is supported. The AES cipher with key lengths of 128, 192 and 256 bits, and the CAST5 cipher are fully supported. Decryption of messages protected by the 3DES and Twofish ciphers is also supported.

CryptoCult enables you to generate your own PGP key (RSA) securely inside the application; you do not need to rely on third parties' products to perform this task. You can also import and use keys generated by other applications such as GnuPG or PGP Desktop.

E-mail

E-mails are, like text messages, secured according to the OpenPGP standard. CryptoCult's integrated e-mail client supports standard protocols for e-mail exchange such as POP3, IMAP and SMTP. The connection with the e-mail server is generally secured using the SSL protocol. Establishing encrypted communication using the STARTTLS protocol is also supported.

Protection of application data

Both application data and user data stored in the data vault are encrypted using the AES-256 cipher. The encryption key is derived from the user's password using the PBKDF2 function. To ensure security, 160 bits of cryptographic salt are added and 4096 iterations of the HMAC-SHA-256 hashing function are carried out. This method of key derivation provides increased protection against attacks on the user password, which is typically the weakest point in the system.
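The key derivation described above, with the page's stated parameters (160-bit salt, 4096 iterations of HMAC-SHA-256, 256-bit AES key), as an added illustration in Python; this is not CryptoCult's own code, and the key-check value used to detect a wrong password without storing the key is an assumed scheme, not something the page describes.

```python
import hashlib
import hmac
import os
from typing import Optional

# Parameters as stated on the page for the data vault.
SALT_BITS = 160
SALT_BYTES = SALT_BITS // 8        # 20 bytes of salt
ITERATIONS = 4096                  # PBKDF2 iteration count
KEY_BYTES = 32                     # AES-256 key length
PRF = "sha256"                     # PBKDF2 with HMAC-SHA-256 as the PRF


def new_salt() -> bytes:
    """Fresh 160-bit salt from the OS CSPRNG; generated once per vault and stored beside it."""
    return os.urandom(SALT_BYTES)


def derive_vault_key(password: str, salt: bytes, iterations: int = ITERATIONS) -> bytes:
    """Derive the 256-bit AES key from the user's password with PBKDF2-HMAC-SHA-256."""
    if len(salt) != SALT_BYTES:
        raise ValueError(f"salt must be {SALT_BITS} bits")
    return hashlib.pbkdf2_hmac(PRF, password.encode("utf-8"), salt, iterations, dklen=KEY_BYTES)


def key_check_value(key: bytes) -> bytes:
    """Assumed scheme: an HMAC of a fixed label under the key, stored with the salt so a
    wrong password can be rejected without storing the key or the password."""
    return hmac.new(key, b"vault-key-check", "sha256").digest()


def unlock(password: str, salt: bytes, stored_kcv: bytes) -> Optional[bytes]:
    """Re-derive the key and return it only if it matches the stored check value."""
    key = derive_vault_key(password, salt)
    if hmac.compare_digest(key_check_value(key), stored_kcv):
        return key
    return None


# Constructed sample input: a fixed salt so the run is reproducible.
SAMPLE_SALT = bytes(range(SALT_BYTES))
SAMPLE_PASSWORD = "correct horse battery staple"

if __name__ == "__main__":
    key = derive_vault_key(SAMPLE_PASSWORD, SAMPLE_SALT)
    kcv = key_check_value(key)
    print("vault key:", key.hex())
    print("wrong password unlocks:", unlock("wrong password", SAMPLE_SALT, kcv) is not None)
```

Because the salt is per-vault, two users with the same password end up with different keys, and the iteration count makes each password guess cost 4096 HMAC computations.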