Future Proof Confidential Messaging.
Quantum-resistant chat encryption using device-to-device Bluetooth key exchange. No servers, no backdoors. Stream ciphers protect your chats now and in the future.
Quantum-resistant chat encryption using device-to-device Bluetooth key exchange. No servers, no backdoors. Stream ciphers protect your chats now and in the future.
Chiffr will always be free to use. Protect your privacy end-to-end at no cost.
Our secret keys are exchanged locally so the encryption is invulnerable to even a quantum attack.
Generate your secret keys locally and share them via Bluetooth. They are never uploaded.
You can encrypt each chat with either a Stream Cipher or use AES, it's up to you. Change methods anytime.
Boost encryption strength with randomness—choose iPhone device entropy or use an image to seed a ChaCha CSPRNG.
We use widely trusted, publicly available algorithms. See our open-source encryption library on GitHub.
Follow these steps to get started with Chiffr:
Unlike traditional messaging apps that rely on internet-based Diffie–Hellman key exchange, Chiffr leverages a encrypted, direct Bluetooth connection between devices to share encryption keys.
Our most secure encryption, derived from photo entropy, uses a bit-by-bit unique stream cipher to ensure your data is unintelligible to any quantum computer, government or corporation now and in the future.
You can permanently erase chat history and encryption keys with a single tap and your erased data will remain forever undecodable. We promise to never collect and share you information.
Chiffr is a secure, private communication tool that provides quantum-resistant encryption by generating Stream Ciphers and AES keys locally and exchanging them securely via Bluetooth.
Yes, Chiffr is completely free to use and its encryption methods are open source.
Our encrypted chat app allows users to choose between AES (Advanced Encryption Standard) and a Stream Cipher based on a pseudo-random number generator (PRNG) for message encryption. Encryption keys and ciphers are never stored off-device, ensuring maximum security.
For key exchange, we utilize Bluetooth Low Energy Secure Connections (LESC) , which leverages Diffie-Hellman key exchange for encryption. Since this exchange occurs locally over BLE, it is never exposed to network traffic, significantly reducing the risk of interception compared to internet-based key exchanges.
Both the AES key and the stream cipher are securely transmitted with Bluetooth LESC.
When generating the stream cipher, users have the option to introduce additional entropy from images captured on the device. While we recognize that the ChaCha CSPRNG is pseudo-random rather than truly unpredictable, PRNGs are widely used in industries such as banking and are considered sufficiently secure for practical encryption purposes.
We remain transparent about these security trade-offs and are committed to continuously improving our encryption methods.
Quantum computing is advancing at an exponential pace, with qubit counts increasing significantly each year. Traditional key exchange methods, such as Diffie-Hellman and Elliptic Curve Cryptography, rely on the complexity of mathematical problems to establish a secure shared secret. However, quantum computers could break these methods, intercepting and decrypting communications.
Chiffr enhances security by facilitating key exchange over Bluetooth, ensuring that keys are never stored remotely. Both the Stream Cipher and AES-256 provide strong resistance against quantum threats.
All data is transmitted via Bluetooth using Secure Connections Pairing (Bluetooth LESC) to prevent passive eavesdropping and MITM attacks. You will be asked to confirm a 6 digit code during your first transfer of a secret key with a contact.
A Stream Cipher is a binary data file generated from a psuedo random number generator (PRNG). When you share a Stream Cipher with a contact, each message will use a unique portion of the cipher for encryption, and it is never re-used for another message.
Exchanging a Stream Cipher or AES key ensures both parties have access to a secure key for encrypting and decrypting messages. By avoiding internet-based transmission, the key remains private and significantly less susceptible to interception.
Each bit of the cipher is used exactly once per corresponding bit of plaintext and is never reused, ensuring strong cryptographic security. Our Stream Cipher has a fixed size of 200 KB, providing sufficient entropy for approximately 5,000 messages. Once the cipher is fully consumed, a new Stream Cipher can be securely exchanged to maintain confidentiality.
Yes, you can start a chat but the messages will not be encrypted until you share a Stream Cipher or AES Key via Bluetooth.
To sign up, you’ll need to provide an email address. Once registered, a random username will be assigned to you, which you'll use to interact with your contacts and participate in actions like being added to conversations.
Yes, when you or your contact delete the chat history, both the messages and ciphers will be permanently removed for both parties.
No, your information is never shared with any third party beyond what is necessary for authentication. We use Firebase Auth to manage sign-ins securely, but we do not track your activity across other apps. Signing up for Chiffr only requires an email address, which remains private—other users cannot see it.