Sylo
Published in

Sylo

Understanding Sylo Encryption

How Sylo keeps you safe

Michael Hayden, retired United States Air Force four-star general and former Director of the National Security Agency, once said: “We kill people based on meta-data.”

Encryption matters.

Sylo encryption overview

All messages, voice calls, video calls, and file transfers on the Sylo Platform are end-to-end encrypted, which means only you and your intended recipients can see the content of what is sent.

“Don’t roll your own crypto.”

This rule implies that instead of writing your own cryptography protocols, developers should “use published, public, algorithms and protocols.”

“Your keys, your crypto.”

This rule refers to the fact that if you do NOT have your crypto wallet keys, YOU do not actually have control of your cryptocurrency and/or wallet assets — whomever has your keys owns everything.

Kerckhoffs’s principle:

“A cryptosystem should be secure even if everything about the system, except the key, is public knowledge.”

The Signal Protocol for chat and files

A huge win with using the Signal Protocol is “forward secrecy” which means even if one message is compromised nothing else is — each message is encrypted with new keys. The Signal Protocol is used for encrypting chat messages end-to-end which means only the person(s) you are talking to can see what you send. Your cryptographic keys used for encrypting are generated on your device and the private components are never ever shared.

WebRTC for voice and video

WebRTC is an “open-source project that provides web browsers and mobile applications with real-time communication (RTC) via simple application programming interfaces (APIs).”

Ed25519 public-key pair for other messaging

Sylo Network users are comprised of both application users and Sylo infrastructure nodes called “Service Peers”. Users are represented by Sylo ID’s, each of a user’s devices is identified by a Device ID. Both the Sylo ID and Service Peer ID are public components of an Ed25519 keypair. Ed25519 is a digital signature algorithm and is an attractive choice due to its speed and relatively small key and signature sizes.

BIP39 seed phrase

Sylo gives encryption key seed phrase ownership over to users as a non-custodial-wallet. You should never share your seed phrase with anyone, the Sylo Support Team will never, ever ask for it. It is absolutely vital that you back up your seed phrase and store it securely in multiple real world locations in case of disaster.

Sylo Service Peers relay data in restricted networks

When a user’s device is in a restricted networking environment (most common when using mobile internet) community run, Sylo token-incentivised Service Peers are there to help relay encrypted data.

Shannon’s maxim:

“The enemy knows the system… one ought to design systems under the assumption that the enemy will immediately gain full familiarity with them.”

At Sylo, we take your security and privacy seriously. Our development work to preserve this is a perpetual evolution.

--

--

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store