Introducing Black SMS

As mentioned in "What encryption do you use?" below, Black SMS users can either share pre-established passwords, or they can share public keys. Sharing the public keys is done by sending messages that contain those public keys. This means that the more people participate in the conversations, the more trusted public keys you have. Once you've identified the correct public key for all the participants in the conversation, your communication becomes truly end-to-end encrypted for text. Contact us for more details.

What is Black SMS for iMessage?
Black SMS is compatible with iOS 10 Messages, where you can now password-protect your messages without ever having to leave the iMessage app. Encryption is just one tap away. If you send the message to someone who doesn't have iOS 10, they'll still be able to read it through a URL that links to a self-destructing message, however security is at 100% when the recipients are on iOS 10.

BlackSMS protects privacy with AES-256, a military grade cryptography algorithm. 

Users share a pre-established mutual password which the app converts into keys

under the PBKDF2 standard — rehashing the password repeatedly using SHA-256

and a 256-bit salt. The cipher data is sent encoded inside of nonsecret data by use of 

steganographic algorithms—appending the data onto a link using Base64, manipulating 

pixel bits to hide it, or even encoding it onto "fake replacement texts."

Alternatively to sharing a pre-established password, users can share public keys with each other and use RSA protocol to exchange randomly generated 256-bit symmetric keys.

Finally, we also encrypt every message with an additional layer using a randomly generated key that can be thrown away to "self-destruct" the message.

No, the point of encryption is that it makes your communication secure over any channel (even a public one!). Unfortunately, many services that call themselves "end-to-end encrypted" are actually taking care of the key distribution using the very same channel of communication. When the channel of communication is involved in distributing the keys, then the communication is prone to man-in-the-middle-attacks.

Black SMS is more of your traditional "encryption tool." The app will generate your keys locally, offline, and then use them in communication over Apple's iMessage server — which in the first place has its own layers of security.

Your messages remain confidential only to you and the inteded recipient.

When you're sending messages all day, every day, especially over somebody else's channel, you risk the fact that they are permanent. You have to throw away your encryption keys somehow, if you want to destroy the information. It is therefore not a good idea to concentrate all the needed cryptodata in one device (your phone!). Our servers are responsible for an *additional* layer of symmetric encryption that we regularly purge so that your messages self-destruct.

Encryption is often a politically controversial issue outside of just this app. Our viewpoint is that encryption and privacy is a right every human should have and that the possibility of it being used nefariously is not a reason to deprive people of that right. Black SMS was not built for the intention of cheating and we do not condone such activity.

You can learn more by contacting us — or by sniffing your own network packets :)