IT`S QUITE INTERESTING, HOW DOES THIS SAFE MESSAGING APP WORK?

THREE STEPS AWAY FROM BEING UNHACKABLE.

IT`S QUITE INTERESTING,
HOW DOES THIS SAFE
MESSAGING APP WORK?

THREE STEPS AWAY FROM
BEING UNHACKABLE
VERNAM IM USES A BRAND - NEW INDEPENDENT AND
CLOUD - BASED MESSAGE DELIVERY TECHNOLOGY
THAT IS INCREDIBLY SAFE AND EASY TO USE!
VERNAM IM USES
A BRAND - NEW INDEPENDENT
AND CLOUD - BASED MESSAGE
DELIVERY TECHNOLOGY THAT
IS INCREDIBLY SAFE
AND EASY TO USE!
HOW MESSAGING WORKS IN OTHER MESSENGERS
HOW MESSAGING WORKS IN OTHER MESSENGERS
Threats in encrypted messengers
SAFE MESSAGING IN VERNAM IM HAPPENS IN A COMPLETELY DIFFERENT WAY
SAFE MESSAGING IN VERNAM IM
HAPPENS IN A COMPLETELY
DIFFERENT WAY
Independent private messaging
IT`S VERY SIMPLE
AND EASY
FAST DELIVERY
(2-3 SECONDS)
IT CAN`T GO
OUT OF SERVICE
NO ADDITIONAL INFRASTRUCTURE
IS NEEDED
THERE ARE ONLY THREE STEPS TO MAKE ALL OF YOUR
MESSAGES UNHACKABLE
THERE ARE ONLY THREE STEPS
TO MAKE ALL OF YOUR
MESSAGES UNHACKABLE
Fully secured messaging 3 steps
IF YOU WOULD LIKE TO LEARN MORE, READ ON!
IF YOU WOULD LIKE TO LEARN
MORE, READ ON!
THE DELIVERY SYSTEM

Delivery System Implementation.


There are many protocols for secure messaging.
Each of them uses it's own infrastructure (set of servers and software).
Infrastructure is worth the money.

For example, Pavel Durov (owner of Telegram) spends more than
$1 million a month (source) a sum he says is
"bearable for the foreseeable future"— but not forever.
Thus, you, as a Telegram user, cannot be sure that Telegram will work tomorrow.

Durov may lose interest in this, or accept Buddhism, or he may run out of money.

Vernam IM uses third - party cloud services for private messaging.
Namely Microsoft OneDrive and DropBox.
They have an API for the public folder mechanism.
Vernam IM only writes and reads messages to/from shared folders.
All synchronization is made by cloud service:
- It is simple and easy.
- It's very reliable.
- It does not cost anything.
- It's fast (2-3 seconds).
- No other infrastructure is needed.

That is why Vernam IM does not require any registration.
We do not collect or process any personal data of users.

Users can use existing OneDrive/DropBox accounts or
create a new one for free.

To invite a friend, a user has to create a shared folder in his/her
OneDrive/DropBox account. The invited friend has to accept the invitation
and add the shared folder to his/her OneDrive/DropBox account.
These actions are committed outside the application.

Then the user has to create a new contact in the application.
Vernam IM requires you to select a cloud service (OneDrive or DropBox)
and select the shared folder that you created earlier.

Then this data is sent (via QR code) to your friend's device.
Then you and your friend can read and write messages from/to this shared folder.

Using shared folders will give you the following benefits:
- No spam and ads,
- Protection inherent in cloud services,
- It can not be forbidden (like Telegram in Russia),
- It can not be out of service,
- For an outside observer it looks like a regular file exchange
and not a conversation.
THE ENCODING - DECODING SYSTEM
Encoding - Decoding System Implementation.

Vernam IM is another implementation of the well-known One Time Pad algorithm.
The main questions about OTP (Vernam) are the following:

Key distribution.

Here's the step-by-step explanation.
Step 1.
A Blum-Blum-Shub generator is used to generate a long sequence
of pseudo-random numbers. This algorithm is well - studied and
crypto-resistant.
Vernam IM generates parameters for this algorithm (P)

Step 2.
Vernam IM asks users to draw some curves on the screen.
As a result, we have a sequence of true random numbers (TRN).

Step 3.
Vernam IM creates a string of parameters consisting of P and TRN
and converts it into a QR code.

Step 4.
The second user scans the QR code during an in-person meeting.

Step 5.
On both devices the Blum-Blum-Shub generator generates a long
sequence of pseudo-random numbers (PRN) using P.

Step 6.
On both devices we modify PRN with TRN using a certain algorithm.
As a result, we have a long sequence of PRN modified with TRN. This sequence
is used as a source for one-time pads.

Note.
We are aware of this US patent.
Our method is different from that which is described in this patent.

Authentication.

According to Wikipedia, authentication is needed in situations where an
attacker knows that the message contains some text known to him or her.

This situation is impossible in our case.

True randomness.

By definition, all hardware generators are true random number generators,
and software generators are pseudo-random.

However, there is no way to distinguish true random numbers from pseudo-random numbers from two given sequences if you do not know how
they were generated.
Just ask Google.

In this work, we can read:
"More specifically, the conjectured guarantee about this random number generator
is the following: If you present a polynomial time adversary
with two sequences:
1. A truly random sequence of bits of length k,
2. K bits from the output of the pseudorandom generator when seeded
with a starting state shorter than k bits.
Then the adversary can't distinguish between the two sequences
with probability "significantly" more than ½…

This emphasizes a deep philosophical viewpoint in theoretical computer science,
that whether some object has a property (randomness) really only depends
on the power of a computationally limited observer to identify that property.
If nobody can tell the difference between fake randomness and real randomness,
then the fake randomness is random."

In our case we do not use PRN sequence, but rather PRN modified with TRN.
Thus, we can state that our sequence of numbers is (at least) very close
to the sequence of true random numbers.

If you wish to oppose, then simply list the criteria by which you will be able
to distinguish our sequence from a sequence of true random numbers.

And finally, please keep in mind the following:
1. According to this work the Vernam cipher is robust to small deviations
of randomness.
2. In this article, randomness is defined through unpredictability.
According to this work, the Blum-Blum-Shub PRBG is an unpredictable
(cryptographic secure) generator.
THE DELIVERY SYSTEM

Delivery System Implementation.


There are many protocols
for secure messaging.
Each of them uses it's own infrastructure
(set of servers and software).
Infrastructure is worth the money.

For example, Pavel Durov
(telegram owner) spends more than
$1 million a month (source) a sum
he says is "bearable for the
foreseeable future"— but not forever.
Thus, you, as a Telegram user,
cannot be sure that Telegram will
work tomorrow.

Durov may lose interest in this,
or accept Buddhism, or he may
run out of money.

Vernam IM uses third - party
cloud services for messaging.
Namely Microsoft OneDrive
and DropBox.
They have an API for the public
folder mechanism.
Vernam IM only writes and reads
messages to/from shared folders.
All synchronization is made
by cloud service:
- It is simple and easy.
- It's very reliable.
- It does not cost anything.
- It's fast (2-3 seconds).
- No other infrastructure is needed.

That is why Vernam IM doesn`t
require any registration.
We do not collect or process any
personal data of users.

Users can use existing
OneDrive/DropBox accounts or
create a new one for free.
To invite a friend, a user has to
create a shared folder in his/her
OneDrive/DropBox account.
The invited friend has to accept
the invitation and add the shared
folder to his/her OneDrive/DropBox
account. These actions are
committed outside the application.

Then the user has to create a new
contact in the application.
Vernam IM requires you to select
a cloud service (OneDrive or DropBox)
and select the shared folder
that you created earlier.

Then this data is sent (via QR code)
to your friend's device.
Then you and your friend can read
and write messages from/to
this shared folder.

Using shared folders will give
you the following benefits:
- No spam and ads,
- Protection inherent in cloud services,
- It can not be forbidden
(like Telegram in Russia),
- It can not be out of service,
- For an outside observer it looks
like a regular file exchange
and not a conversation.
THE ENCODING - DECODING
SYSTEM

Encoding - Decoding
System Implementation.

Vernam IM is another implementation
of the well-known One Time Pad algorithm.
The main questions about OTP
Vernam) are the following:

Key distribution.

Here's the step-by-step explanation.
Step 1.
A Blum-Blum-Shub generator is
used to generate a long sequence
of pseudo-random numbers.
This algorithm is well - studied and
crypto-resistant.
Vernam IM generates parameters
for this algorithm (P)

Step 2.
Vernam IM asks users to draw
some curves on the screen.
As a result, we have a sequence
of true random numbers (TRN).

Step 3.
Vernam IM creates a string of
parameters consisting of P and
TRN and converts it into a QR code.

Step 4.
The second user scans the
QR code during an in-person meeting.

Step 5.
On both devices the Blum-Blum-Shub
generator generates a long
sequence of pseudo - random
numbers (PRN) using P.

Step 6.
On both devices we modify
PRN with TRN using a certain algorithm.
As a result, we have a long
sequence of PRN modified with TRN.
This sequence is used as a source
for one-time pads.

Note.
We are aware of this US patent.
Our method is different from that
which is described in this patent.

Authentication.

According to Wikipedia,
authentication is needed in
situations where an attacker
knows that the message contains
some text known to him or her.

This situation is impossible in our case.

True randomness.

By definition, all hardware
generators are true random number
generators, and software generators
are pseudo-random.

However, there is no way to
distinguish true random numbers
from pseudo-random numbers
from two given sequences if you
do not know how they were generated.
Just ask Google.

In this work, we can read:
"More specifically, the conjectured
guarantee about this random number
generator is the following:
If you present a polynomial time
adversary with two sequences:
1. A truly random sequence
of bits of length k;
2. K bits from the output
of the pseudorandom generator
when seeded with a starting state
shorter than k bits.
Then the adversary can't distinguish
between the two sequences with
probability "significantly" more than ½…

This emphasizes a deep philosophical
viewpoint in theoretical computer science,
that whether some object has a property
(randomness) really only depends on
the power of a computationally limited
observer to identify that property.
If nobody can tell the difference between
fake randomness and real randomness,
then the fake randomness is random."

In our case we do not use PRN sequence,
but rather PRN modified with TRN.
Thus, we can state that our sequence
of numbers is (at least) very close
to the sequence of true random numbers.

If you wish to oppose, then simply list
the criteria by which you will be able
to distinguish our sequence from
a sequence of true random numbers.

And finally, please keep in mind
the following:
1. According to this work
the Vernam cipher is robust
to small deviations of randomness.
2. In this article, randomness is defined
through unpredictability.
According to this work, the Blum-Blum-Shub
PRBG is an unpredictable
(cryptographic secure) generator.