SilentKey encrypts every message on your device before it ever touches the network. The server stores only encrypted blobs — never plaintext.
Every step of the encryption chain happens in your browser — never on the server.
WhisperBox server receives only the encrypted payload, IV, and wrapped key — it has no cryptographic material to decrypt anything.
Every component is designed with the assumption that the server is untrusted.
All messages are encrypted on your device before transmission. The server only ever receives opaque ciphertext — never plaintext.
Your private key is derived from your passphrase via PBKDF2, encrypted with AES-KW, and stored wrapped. It never leaves your device in plaintext.
Messages use AES-GCM symmetric encryption with a unique IV per message. The AES key itself is sealed with RSA-OAEP for both sender and recipient.
A WebSocket connection enables instant message delivery. Encrypted payloads are pushed to recipients as soon as they arrive at the server.
Create your account and your keys are generated locally — we never see your private key or your messages.
Get Started — It's Free