TECHNICAL

Security Architecture

Encryption Protocol

Lakrion implements the Signal Protocol with PQXDH post-quantum key exchange:

  • PQXDH Key Agreement - Post-Quantum Extended Diffie-Hellman with ML-KEM-768 hybrid encryption
  • Double Ratchet - Per-message forward secrecy with key evolution
  • Sender Keys - Efficient group encryption with E2E guarantees
  • AES-256-GCM - Authenticated encryption for message content
  • Post-Quantum Cryptography - ML-KEM-768 hybrid, active for messages, calls, PTT, and video
  • Deniable Authentication - MAC-based auth that doesn't create proof of authorship

Metadata Protection

Beyond message encryption, we protect communication metadata:

  • Sealed Sender - Server cannot see who sends messages; sender ID is inside the encrypted payload
  • Sender Unlinkability (ESID) - Ephemeral sender IDs prevent linking messages to identities
  • Uniform Message Envelopes - All messages padded to fixed sizes, hiding content type and length
  • Control Camouflage - Typing indicators and read receipts disguised as regular messages
  • Cover Traffic - Self-addressed dummy messages to mask communication patterns. Enabled by default.
  • Timing Obfuscation - Server-side timing is randomized to resist traffic analysis
  • No Contact Graph - We don't store or expose your contact relationships
  • Connection Randomization - Randomize connection patterns to prevent fingerprinting

Post-Compromise Security (PCS)

If a session is compromised, Lakrion automatically recovers security:

  • Automatic PCS - Strong, automatic recovery without user intervention
  • Forced DH Ratchet - Recovery events trigger immediate key rotation
  • Silent Session Burn - Suspicious sessions automatically destroyed and rebuilt
  • Identity Blinding - Identity keys can rotate without breaking sessions
  • Key Aging - Keys auto-expire and are purged on schedule

Dormant Architecture (LDA)

Our novel security architecture protects against zero-click exploits:

  • Code Not Loaded - High-risk subsystems (audio, codecs) completely unloaded until needed
  • Mutual Consent - Both parties must agree before loading call/PTT subsystems
  • Time-Bounded - Active subsystems automatically return to dormant state
  • Exploit Resistance - Pegasus-style attacks can't target code that isn't loaded

Read the full LDA specification →

Network Privacy

  • Tor Support - Route all traffic through Tor with automatic kill-switch
  • TURN-Only Calls - Voice calls always relayed; your IP never exposed to peers
  • ACK Batching - Three modes to batch acknowledgments and reduce timing leaks
  • Traffic Shaping - Configurable jitter and timing patterns (3 modes)
  • TLS 1.3 - All connections use modern TLS with certificate pinning

Privacy by Default

  • No Phone Number - Create accounts with just an account key
  • Screenshot Blocking - Enabled by default
  • Incognito Keyboard - Disables keyboard learning by default
  • Activity Indicators OFF - Typing, online status, read receipts all off by default
  • Calls OFF - Voice/PTT disabled by default, enable per-contact
  • Per-Chat Controls - Toggle calls, media, and activity per conversation
  • Encrypted Local Storage - Database and media files encrypted on device

Server Architecture

  • 24h Auto-Delete - Undelivered messages purged after 24 hours
  • Minimal Logs - Only operational data; no message content or metadata
  • EU Jurisdiction - Servers in Germany under EU privacy law
  • Cannot Read - E2E encryption means we see only encrypted blobs
  • Cannot Identify Sender - Sealed sender hides who sent each message

Verification

Verify contacts through safety numbers - a unique fingerprint derived from both parties' keys. Compare via QR code in-person or by reading numbers aloud.

Voice Calls

  • E2E Encrypted - Per-session ephemeral keys, ChaCha20-Poly1305
  • IP Protected - All calls routed through TURN relay
  • Opus Codec - High-quality audio with RNNoise suppression
  • Off by Default - Calls only enabled when you explicitly allow them

Audits & Transparency

  • Protocol - Self-published specification (independent audits planned)
  • LDA Specification - Published on Zenodo for technical review
  • Open Source Client - Planned

What We Can't Protect Against

No system is perfect. Encryption doesn't protect against:

  • • Device compromise (malware with root access)
  • • Screenshots by recipients (we block, but determined attackers can work around)
  • • Physical access to unlocked devices
  • • Weak device security (no PIN/biometric)
  • • Social engineering
  • • Compromised contacts forwarding your messages

Security is a chain. We provide the strongest link we can.

Last updated: March 2026

← Back to home