Security is the basis of "Barracuda Messenger" where end-to-end encryption is applied, which ensures complete reliability and protection of correspondence through messages and outgoing/incoming calls from listening and / or interception and decryption by third parties
“Barracuda Messenger” uses end-to-end encryption (E2EE, end-to-end encryption) —this is multilayered encryption with a transition from asymmetric to symmetric encryption algorithm, i.e. it is a data transfer method in which only users, participating in communication, have access to messages. Thus, the use of pass-through encryption does not allow access to the cryptographic keys by third parties. Direct and reverse secrecy is provided, which means that it is impossible to read messages sent earlier and written in the future, having only the current encryption key.
Barracuda Messenger uses a combination of AES-256 encryption and RSA encryption, unified with a protocol Diffie-Hellman-Merkle (DHM) encryption to encrypt communications.
RSAis one of the most successful, asymmetric encryption systems today. Unlike traditional symmetric encryption systems, RSA works with two different keys: public and private. The process of signing a document, a fingerprint is attached to the file, encrypted with RSA, which allows the recipient to verify both the sender and the integrity of the document.
AES - 256 (Advanced Encryption Standard), a symmetric encryption algorithm, also known as Rijndael (Randal) is one of the most frequently used and most secure encryption algorithms available today, a block size of 128 bits, a 128/192/256 key) for encryption of a text. To date, there is no real attack on AES and therefore AES remains the preferred encryption standard for governments, banks and high security systems around the world.
Diffie-Hellman-Merkle, (DHM) is a cryptographic protocol, an algorithm that bridges between asymmetric (RSA) and symmetric (AES) encryption, and also authenticates the distribution of keys, making it possible for a certain number of interlocutors to conduct encrypted correspondence, sending only public keys on the open channel.
Each user publishes his public key, which changes every day. A key exchange algorithm is applied. End-to-end encryption assumes that encryption keys are known only to the parties, communicating with each other. To implement this condition (key generation), a cryptographic protocol was used, allowing two or more parties to obtain a shared secret key using an unprotected communication channel. The received key is used to encrypt further exchange.
Encryption keys are secret information used by a cryptographic algorithm when encrypting or decrypting messages. The reliability of encryption is determined by the reliability of hiding secret keys, but not by hiding the algorithms used.
Basic encryption keys vary:
1.Secret keys are used in symmetric algorithms - this is encryption, generation of authentication codes.
2. Asymmetric keys are used in asymmetric algorithms, which are a key pair, since they consist of two keys:
- the private key is a key known only to its owner.
- the public key is a key that can be published and it does not allow to determine the private key.
Session keys are keys generated between two users to protect the communication channel.
Barracuda Messenger users do not need to independently generate key pairs, sign, protect private keys, revoke old ones - it is done automatically.
Barracuda Messenger quite often changes session encryption keys, and the main encryption key changes when the other party has changed the device or turned off for a long time. When changing the primary key, for the reasons described above, the message sent to the other party cannot be delivered, since the primary key has changed, and the application will not automatically send the message again.
Audio and video are as safe as messages. Audio and video are encrypted with end-to-end encryption (E2EE) using the Signal Protocol, which gained maximum recognition among cryptographic specialists. The source code of this protocol is completely open and subjected to multiple checks by independent experts.
End-to-end encryption ensures that only the sender and the recipient have access to the source text of the message! This means that user information becomes inaccessible even to servers that transmit data. Encryption occurs on end-user devices, moreover, the data remains encrypted until it is delivered to its destination, so this end-to-end encryption is essentially “zero access” or “client-side encryption”.