- How is my key pair generated and stored?
- How is metadata handled?
- What kind of data is transmitted via Google Cloud Messaging (GCM) / APNS?
- Is Tungsten’s code open source?
- How does Tungsten audit its code?
- How do you protect yourself against man-in-the-middle (MITM) attacks with Tungsten?
- Why not make all chats “anonymous”?
Key pairs are generated according to the Double Ratchet protocol. The identity and encryption keys are stored in the app's local database, which is protected by the OS sandbox. The protocol's forward secrecy means that even in the unlikely event that a current encryption key is compromised, previously exchanged messages stay protected.
The following information is stored on Tungsten’s servers: persona name, persona picture, phone number (if provided). This data is permanently removed when a user deletes their profile.
We don't transmit message data via cloud notification services. The only information sent through GCM/APNS is that new messages are waiting; the app then fetches the messages themselves from Tungsten's servers. Anonymous personas do not use Google or Apple push notifications at all, because doing so would disclose the user's IP address to those providers, which could be used to de-anonymize the user.
Parts of the Tungsten solution are open source; visit our GitHub page. We are currently evaluating going fully open source as well.
We are currently working with Germany-based Cure53 to audit our code.
We protect Tungsten from MITM and similar attacks in a few ways. For security reasons we won't go into details, but we can say a few things. First, Tungsten pins the identity of its servers, so the app only completes connections to official Tungsten servers. Second, Tungsten uses end-to-end encryption with strong out-of-band key verification, so users can confirm each other's keys over a separate channel instead of trusting the server.
We want you to be able to use Tungsten as your “everyday” messenger, but also secure enough for your most private conversations.
We developed Tungsten with two goals: 1) be highly usable; 2) be very secure without compromising that usability. While Tungsten offers advanced security options (e.g. anonymous profiles whose traffic is routed over Tor), that level of protection isn't necessary for every conversation, so we made these more advanced features optional.