Our prime objective in making Aegees is to provide all-round communication security. It is common knowledge these days that servers are notorious weak spots where data leaks can happen. Servers are also what governments target when trying to block the way an application works. We have developed some unique solutions to prevent data leakage and minimize the potential harm from app blocking attempts.
Where: Our Server Infrastructure
All Aegees user data will be stored on our scalable network of storage servers, which can easily be expanded to fit any demand. We will also implement data backup protocols to save all data in the event of any possible server crashes or app blocking attempts.
How: Our Approach To Storing Data On Servers
Our default approach is to encrypt all data transfers. Decryption will always require private user keys that are stored on the user device and only in a secure, pre-installed crypto-container that is an integral part of the app’s security system.
Each message will be transferred to a server as a header block and the encrypted content (in the case of any attachments such as documents, images, audio or video recordings, and so on). If there are no attachments, the message will fit into the header block, which, naturally, is also encrypted.
The time that any piece of data spends on a server is limited to the time that passes before the recipient receives it on their device. Once the message is delivered to all intended recipients, it is deleted from the server and only continues to exist on the devices of the users who exchanged it. At the moment of sending, the message is encrypted with a randomly generated session key, which is then encrypted using each recipient’s public keys. This guarantees that recipient(s) will always be able to decrypt messages on all devices that are connected to the app.
To make Aegees impossible to block, we plan to implement a decentralized server infrastructure. Right now, our server routes each piece of data to a randomly selected storage server on our roster. Once we complete migration to our decentralized infrastructure, each Aegees user will be able to pick any server they prefer. This will efficiently negate all conventional ways to block applications if anyone wanted to try!
At the moment, we know of no other messaging apps that use this approach to data storage on servers, so we are confident that we have taken good care of all known server-related weaknesses, and our users won’t have to worry about data leaks or the app ceasing to work because of a privacy crackdown.