Clone this wiki locally
Current encryption model
The current encryption model in the Android client uses simple PGP asymmetric encryption enforced by a Message/CPIM data structure. This can protect users from the most basic attacks, but unfortunately will not guarantee forward secrecy or plausible deniability (expected for a future release).
Messages on device storage are not encrypted.
Plans for the future
For most users, basic asymmetric encryption would be enough, however, forward secrecy is an important feature that any messaging software should have.
We haven't decided what method we will use yet, but most probably a derivative of OTR.
On-device storage will be encrypted too.