One giant leap for messaging
Our security model is utterly game-changing. Olvid is the first and only messaging system whose security no longer relies on any trusted third party, either operators or their servers.
Olvid servers get hacked? Not an issue! No one will ever be able to read your messages, including the servers relaying them. It is forever impossible. Nor can any users identities ever be revealed. Olvid is the only system that also encrypts metadata, thus guaranteeing the anonymity of interlocutors. Finally, Olvid guarantees the authentication of users, contrary to all messaging servers that replace trusted third parties...
Cryptographic guarantees
Security ensured solely by cryptographic measures (as opposed to login/password simple access control).
Strong authentication
Users identity guaranteed without the need for a trusted third party
No trust in servers
Persistent security even in case of a compromised server
Forward Secrecy
Messages history stays confidential and protected even in case of key compromise. The messages remain inaccessible because each message and file exchanged is encrypted with a single-use ephemeral key.
Multi-channel solution
For Android, iPhone, iPad, Mac, Windows, Linux, with synchronization without master device.
Anonymity
Inability of the operator to know "who is talking to whom". No third party could ever identify the participants, not even the server. No trace of any metadata.
Don’t take our word for it
We do everything to ensure that Olvid remains the most secure messenger in the world. That’s why we submit our work to the critical scrutiny of outstanding professionals with complementary skills. Judge by yourself. And Olvid is now Open Source !
Scientific validations
To create Olvid, our cryptologists designed custom cryptographic protocols and adapted theoretical protocols to real-world constraints.
The results of this work have been formally validated by Michel Abdalla, Adjunct Professor at ENS, CNRS Senior Researcher and Chairman of the Board of IACR (International Association for Cryptologic Research).
The article formalizing his results is published in this IACR ePrint .
ANSSI Certifications
Olvid is the first and only instant messenger to have received one (then two!) Security Visas issued by ANSSI (CSPN certifications).
Security scope, certification reports and ANSSI certificates are available here for iOS and here for Android.
In a rare move for transparency, we are also publishing the two Technical Evaluation Reports produced by the excellent team at Synacktiv.
Security challenges
Authentication + Data Encryption + Metadata Encryption
Authentication
Guarantee the use of the right key to ensure that you reach the right person.
Data Encryption
Use this key properly, with state-of-the-art mechanisms, to ensure that no third party can ever see your exchanges.
Metadata Encryption
Protect all the information with this key in order to preserve the anonymity of exchanges.
Olvid solves 3 issues in one single app
No current means of electronic communication can guarantee these 3 qualities simultaneously:
- Encrypted emails guarantee user authentication but the security level of exchanges is not enough.
- Instant messaging apps offer various encryption qualities but do not guarantee user authentication.
- Emails and instant messaging apps leave traces on servers...
What are the others doing?
Encrypted e-mails
Focus on authentication
No forward secrecy
Plain text unencrypted metadata in the header
Email can never provide an acceptable security level
“Secure” Messaging (consumer grade and professional)
Focus on end-to-end encryption
Mandatory access to personal data to operate
Faillible authentication based on a central server, one or more trusted third parties
What about post-quantum cryptography?
We’ve got you covered!
Resistance of cryptographic algorithms to quantum computers has been a recurring question for the last few years. The symmetric cryptography used inside Olvid today is already resistant to this kind of machines, but this is not the case for the public-key primitives. The reason being that, as of today, no "Post-Quantum" standard exist.
For this reason, the NIST (National Institute of Standards and Technology) has initiated a worldwide competition (NIST - Post-Quantum Cryptography) to select one or more quantum-resistant public-key primitives. The winners should be announced later this year. The architecture of the cryptographic engine inside Olvid has been designed from the start to easily accommodate these new algorithms once they are ready. Thanks to this, we will be among the first to implement these new post-quantum standards inside a commercial product.