Table of Contents

Passwords and encryption

The application-layer networking protocol used by Underpass is custom-designed and encrypted from end to end. Your entire chat, including the Underpass protocol itself, is encrypted. At the transport layer, Underpass uses the standard, reliable Transmission Control Protocol (TCP) to communicate between two devices over IPv4 and IPv6 networks. This is the same transport-layer protocol used by nearly all networking applications in the world. (Some real-time audio and video applications use UDP instead of TCP when speed is more important than reliability.) If someone captured the packets of an Underpass chat, they would only be able to see the IP addresses and port numbers of the sender and receiver from the TCP/IP packets, as is the case for all internet traffic. Otherwise, all of your data is encrypted. To the observer, the packet traces will appear to be totally random garbage.

For encryption, Underpass uses the AES-128 algorithm. This is perhaps the most widely used symmetric encryption algorithm in the world. It is approved for use by the US government for classified information, and there are no known attacks against AES-128. It is as secure as anything in use today. The implementation of the algorithm used by Underpass is built into the operating system and was written by Apple, so it has already been rigorously audited and tested.

For the highest level of privacy and security, it is recommended that you select a password for your chats. Underpass will use your password to encrypt your chats, keeping them secret from everyone who doesn't know the password. For two-person chats, the two people can agree on the password in person, over the phone, or by whatever other confidential method they prefer. It is important to choose a strong password that cannot be guessed.

If you don't select a password, then Underpass will encrypt your chats using a built-in key. This will protect you from most observers, so it still provides you with a decent level of privacy. However, a knowledgeable and determined attacker might be able to reverse-engineer Underpass, discover the built-in key, and use that to decrypt your chats. Therefore, the only way to guarantee the security of your chats is to select a secret, strong password. The built-in key exists only for your convenience, in situations where you want to chat but cannot select a password in advance.
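The difference between the two key sources described above, as an added Python example that is not Underpass's own code. This page does not document how Underpass turns a password into an AES-128 key, so PBKDF2-HMAC-SHA256, the salt, the iteration count and the all-zero built-in key are assumptions made for illustration.

```python
import hashlib
import math
import string

# Constructed stand-ins: the real built-in key, salt and KDF are not documented on this page.
BUILT_IN_KEY = bytes(16)        # identical 16 bytes in every shipped copy of the app
SALT = b"example-chat-salt"     # hypothetical value that both peers share
ITERATIONS = 200_000            # hypothetical PBKDF2 work factor

# Character classes used for a crude search-space estimate.
CLASSES = (string.ascii_lowercase, string.ascii_uppercase,
           string.digits, string.punctuation + " ")


def chat_key(password=None):
    """Return the 16-byte AES-128 key a peer would use for a chat."""
    if not password:
        # No password: every installation falls back to the same embedded key,
        # so anyone who extracts it from the app holds the key to these chats.
        return BUILT_IN_KEY
    # Assumed KDF: both peers run this on the agreed password and get the same key.
    return hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"),
                               SALT, ITERATIONS, dklen=16)


def effective_key_bits(password=None):
    """Upper bound, in bits, on the guessing work that protects the chat key."""
    if not password:
        return 0.0  # the key ships with the app; nothing has to be guessed
    pool = sum(len(c) for c in CLASSES if any(ch in c for ch in password))
    pool = max(pool, len(set(password)))  # covers passwords made of other characters
    # Length times bits per character assumes random characters; dictionary
    # words and reused passwords are far weaker than this bound suggests.
    bits = len(password) * math.log2(pool)
    return min(128.0, bits)  # AES-128 cannot give more than 128 bits


if __name__ == "__main__":
    for pw in (None, "hunter2", "q7#Lm2!xVp9@Rt4&Zk6$Wn"):  # constructed samples
        print(repr(pw), chat_key(pw).hex(), round(effective_key_bits(pw), 1))
```

The estimate makes the point that AES-128 only delivers its full strength when the password is at least as hard to guess as a random 128-bit key; a short password caps the protection well below that.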
