One giant leap for messaging
Our security model is utterly game-changing. Olvid is the first and only messaging system whose security no longer relies on any trusted third party, either operators or their servers.
Olvid servers get hacked? Not an issue! No one will ever be able to read your messages, including the servers relaying them. It is forever impossible. Nor can any users identities ever be revealed. Olvid is the only system that also encrypts metadata, thus guaranteeing the anonymity of interlocutors. Finally, Olvid guarantees the authentication of users, contrary to all messaging servers that replace trusted third parties...
Security ensured solely by cryptographic measures (as opposed to login/password simple access control).
Users identity guaranteed without the need for a trusted third party
No trust in servers
Persistent security even in case of a compromised server
Messages history stays confidential and protected even in case of key compromise. The messages remain inaccessible because each message and file exchanged is encrypted with a single-use ephemeral key.
For Android smartphones and iOS. Eventually for desktop, with sync, without any master device.
Inability of the operator to know "who is talking to whom". No third party could ever identify the participants, not even the server. No trace of any metadata.
Authentication + Data Encryption + Metadata Encryption
Guarantee the use of the right key to ensure that you reach the right person.
Use this key properly, with state-of-the-art mechanisms, to ensure that no third party can ever see your exchanges.
Protect all the information with this key in order to preserve the anonymity of exchanges.
Olvid solves 3 issues in one single app
No current means of electronic communication can guarantee these 3 qualities simultaneously:
- Encrypted emails guarantee user authentication but the security level of exchanges is not enough.
- Instant messaging apps offer various encryption qualities but do not guarantee user authentication.
- Emails and instant messaging apps leave traces on servers...
What are the others doing?
Focus on authentication
No forward secrecy
Plain text unencrypted metadata in the header
Email can never provide an acceptable security level
“Secure” Messaging (consumer grade and professional)
Focus on end-to-end encryption
Mandatory access to personal data to operate
Faillible authentication based on a central server, one or more trusted third parties
What about post-quantum cryptography?
We’ve got you covered!
Resistance of cryptographic algorithms to quantum computers has been a recurring question for the last few years. The symmetric cryptography used inside Olvid today is already resistant to this kind of machines, but this is not the case for the public-key primitives. The reason being that, as of today, no "Post-Quantum" standard exist.
For this reason, the NIST (National Institute of Standards and Technology) has initiated a worldwide competition (NIST - Post-Quantum Cryptography) to select one or more quantum-resistant public-key primitives. The winners should be announced later this year. The architecture of the cryptographic engine inside Olvid has been designed from the start to easily accommodate these new algorithms once they are ready. Thanks to this, we will be among the first to implement these new post-quantum standards inside a commercial product.