It’s easy to create a poor encryption system, and very difficult to create a good one. But as a mobile user who just wants to be sure that your communication is private and secure, how can you tell the difference?
Fortunately, you don’t have to be an expert on encryption yourself to find out. Good encryption systems have been independently reviewed by experts, so that you can be confident they’ve stood up to thorough testing and prodding by peers. They’re also well documented: the details of how they work are published and available for further review. This may seem counterintuitive; wouldn’t you want to keep something like that a secret? But think about it: if your encryption system is only secure because you’ve kept the way it works a secret, then it’s pretty poorly designed. If even one person does figure out how it works, the entire system is compromised.
When an encryption method is published and available to the world for review, and remains secure—that’s how you know you have well-designed encryption.
Similarly, good encryption systems are designed in such a way that the providers themselves can’t read your messages. You shouldn’t have to trust the company that offers your messaging or VOIP service: if their servers are hacked, or they’re given a government subpoena to turn over your messages, your communication could be at risk. But if the company itself never has access to your encryption keys, it doesn’t matter if they’re hacked or if a government demands access to your messages. All of the data is encrypted and can’t be read.
Silent Circle’s Silent Text and Silent Phone apps meet all of these criteria, and more. We invite expert analysis and review of our work, and have active Bug Bounty programs for both our apps and the Blackphone system to reward researchers who help us find and close bugs in our products. You can learn more about our technology here.
Not all encryption is created equal. Find out how yours stacks up.