How does Port make secure, identifier-less, end-to-end encrypted chats? 

Port prides itself on being a secure and reliable platform for messaging that protects your privacy above all else. With this in mind, it's important that we're transparent about how an identifier-less connection actually forms when you scan a port and what information is shared when you create a chat over Port. 

Let's take you through the full journey from when you scan a port until you send a message. 

What's a port? What's in it? Is it subject to maritime law? This article by my colleague, Abhinav, has got that covered. As for maritime compliance, (as far as we know) ports do not violate any international maritime laws.

Let's say, you've just scanned a port. Congratulations! You're one step closer to forming a connection with somebody. The good news for you is, your device has got it from here, and you can sit back and relax for the next few milliseconds. Abhinav's already told you all about the information your friend included in the port when it was made, and I'm sure by now you've seen the little lock icon on our chat screen that tells you your chat is end-to-end encrypted. What do we mean when we say, "end-to-end encrypted"? What does your phone actually do with the stuff in the port? Why is this better than <insert popular messaging app>? 

What do we mean when we say "end-to-end encrypted"? 

End-to-end encryption 

End-to-end encryption, or E2EE, is the practice of encrypting data so that it's transmitted securely between two parties. In other words, it makes sure that even if somebody manages to get their grubby little hands on your top-secret messages, they still can't read them. You, and your intended recipient can read them with no issues, but the rest of the world can't. This means you can share things like ATM pin codes, secret recipes, and Batman’s true identity with complete confidence that nobody other than you and whoever you're talking to can see what you're talking about. 

(Unless, of course, if they're looking over one of your shoulders, but surely your spatial awareness is better than that, right?) 

How do we do end to end encryption? 

There's two ways to explain this. What follows is the short version. A longer explanation will follow.

The Short Version

Before you ever connected with your friend, both of your devices generated two secret keys that are related by a math operation. We get you and your intended recipient's device to agree on a common number using these keys. This common number is never actually sent in a message so nobody can intercept it. This shiny new number is used to encrypt your messages, and then your recipient can decrypt them on the other end. 

For somebody to also have the common number that you and your friend have agreed on, they'd have to know all four of your secret numbers, which would take them way longer than they're probably willing to take to figure out. Last I checked, basically nobody had thousands of years to spend doing all the math necessary to figure out how to decrypt your family's top secret pasta recipe.

The Long Version

What does your phone actually do with the stuff in the port? What are these secret numbers? When you scanned that port, behind the scenes, your device generated a pair of keys. We'll call one key a private key, and the other key a public key. What's important to note about these keys is that they're partners in crime. Their notable property is that when one key encrypts something, the other key is the only thing that can decrypt it. Even the key doing the encryption can't decrypt the message itself, it has to be the other key. Your friend's device also made two keys of its own when it generated the port that you scanned, so now each of you have a public and a private key. 

How does my chat get made? 

Let's go back to when you scanned that port. Your device got all the information that we said is in a port earlier, and gears up to actually create the chat. It calls in a favor from an old friend, our servers, and creates a chat between you two. That's that! Right? 

There's just one problem... it's not end-to-end encrypted yet. 

Understanding what happens next relies on you knowing what a port contains, so if you missed it earlier then here's your next and final chance to read Abhinav's article on the subject before I overwhelm you with the gory details. 

End-to-end encryption: the gory details

Remember from the short version, that the goal is to get you and your friend's device to agree on a common key, a shared secret that can be used to encrypt and decrypt your messages. 

Luckily, one of the fields in the port is your friend's public key. After doing some sanity checking to verify that the key has not been touched by an evil hackerman, it then uses that key as well as your private key to generate a unique third key - the shared secret. Except, it's not shared yet, your friend doesn't know what it is. 

Using this currently-not-so-shared secret, your device takes the RAD, a high-entropy random number that it got from your friend’s port and encrypts it. The encrypted RAD is then sent over the chat, along with your public key to your friend. 

Can't I just use my friend’s public key to encrypt messages to him, and they can use mine? And we use our private keys to do the decrypting? Yep, you totally can. The reason we don't is because it's slow. Think of all the milliseconds you're saving! 

What’s all this RAD business? We use the RAD to verify whether you guys successfully generated the same shared secret. Your friend's device uses your public key, and their private key, to generate hopefully the same shared secret, and uses it to decrypt the encrypted RAD you sent. If the RAD they decrypt is the same as the RAD that was in the port they generated, then you’ve confirmed you both have the same shared secret. Importantly - you verified this without ever openly sending the shared secret anywhere, so nobody who's been hijacking this exchange can figure it out. 

How did my private key + their public key, and their private key + my public key generate the same shared secret? That’s a fancy property of the math used to generate the keys. If you’d like to read up more, I just hope you like math. What's ultimately important is that your public key + their public key does not generate the same shared secret, so the shared secret cannot be determined unless somebody gets those public keys and both of your private keys. It’s really hard; trust me, I’ve tried. That said if anybody has advice on getting the FBI off your tail, I’m all ears. 

Here’s that entire procedure, drawn out, for all you visual learners: 

Is that it? 

For messaging to start? Yep, you're all good to go; that shared secret that your devices worked so hard to generate will now encrypt and decrypt everything you send from here on out. There's some additional information that gets sent (encrypted, of course!) in the chat: your profile pictures if you have the relevant permissions enabled for those, your name since you got theirs from the port, but they don't have yours yet - housekeeping at most. 

Why is this better than <insert popular messaging app>? 

The encryption algorithm itself (the thing I just spent ~1,200 words telling you about) is not that different. Port’s distinguishing feature is that it’s identifier-less. At no point in this exchange did you or your friend ever exchange a phone number, username, email, or anything of the sort. If you decide to close this connection afterwards because your friend turns out to be a creep, they don’t have that information to continue to harass you. They won’t have access to you unless you choose to give it to them by generating another port.

Other messaging apps also ask you to trust their servers with your phone number, email, or username, putting your personal information out there for greedy dataminers and evil hackermen. Port doesn’t ask you for any of that information, so we couldn’t share it even if we wanted to. The choice to connect is in your hands. This decentralized trust model puts your privacy first and gives you as a user control over your own data, which is what we're all about here at Numberless. With the privacy concerns of the modern digital era, we believe that Port's connection protocol positions us to meet the demands of security and privacy conscious users.