Secure • Private • Simple

Military-Grade Encrypted Messaging

PrivMsg provides end-to-end encrypted communication with 2048-bit RSA encryption. Your messages are only readable by you and your intended recipient.

Open-source cryptography - security you can verify

Create Account

01000101 01101110 01100011 01110010 01111001 01110000 01110100

01010000 01110010 01101001 01110110 01100001 01100011 01111001

01010011 01100101 01100011 01110101 01110010 01100101 01100100

01000100 01100101 01100011 01110010 01111001 01110000 01110100

01010010 01010011 01000001 00101101 00110100 00110000 00111001

01000001 01000101 01010011 00101101 00110010 00110101 00110110

Zero Knowledge

We never have access to your private keys or unencrypted messages - guaranteeing your privacy.

Open Standards

Our implementation uses standard cryptographic libraries that follow industry best practices.

Simple to Use

Advanced encryption made easy - no technical knowledge required to send secure messages.

Key Features

Private Communication Made Simple

Our platform uses modern encryption to protect your messages.

End-to-End Encryption: All messages are encrypted on your device before transmission and can only be decrypted by the intended recipient. We can't read your messages.
Strong Encryption: We use 2048-bit RSA encryption for key exchange and AES-256 for message encryption, providing strong security for your communications.
Ephemeral Messaging: Set messages to self-destruct after being read, leaving no trace of sensitive communications.
Digital Signatures: Every message is digitally signed, ensuring authenticity and preventing message tampering or impersonation.

How It Works

The Technical Process

Understanding how your messages are secured through encryption.

Key Generation

When you create an account, we generate a 2048-bit RSA key pair on your device. This provides strong encryption for your messages.

Your private key never leaves your device and is secured with your password. The public key is shared with your contacts for message encryption.

Security Note: Your private key is stored encrypted on your device and is never transmitted across the internet.

RSA 2048-bit Key Pair

Generates two mathematically linked keys:

Private Key

-----BEGIN RSA KEY-----
Stays on your device
-----END RSA KEY-----

Public Key

-----BEGIN PUBLIC KEY-----
Shared with contacts
-----END PUBLIC KEY-----

Message Encryption

When you send a message, we use a hybrid encryption approach. First, your message is encrypted with AES-256 using a randomly generated key. This is the same encryption standard used for top-secret government documents.

This unique AES key is then itself encrypted with the recipient's public RSA key. Once encrypted, only the matching private key can unlock the message, ensuring only the intended recipient can read your communication.

Security Note: Hybrid encryption combines the speed of symmetric encryption (AES) with the security of asymmetric encryption (RSA).

Hybrid Encryption Process

Your Message

Plaintext

AES-256 Encryption

With random key

RSA-2048 Encryption

Of AES key with recipient's public key

Secure Transmission

The encrypted message travels through our servers using TLS (Transport Layer Security) for additional protection during transit. This creates multiple layers of security for your communications.

Even if our servers were compromised, your messages remain encrypted end-to-end. We cannot read your messages because we never have access to your private keys, ensuring true zero-knowledge security.

Privacy Note: We maintain minimal metadata and no message content, maximizing your privacy even beyond the encryption itself.

Layered Security Model

Your Device

Recipient's Device

Encrypted Data

TLS Tunnel

Decryption

When the recipient receives the message, their device first uses their private RSA key to decrypt the AES key. This process can only be performed with the correct private key, which only exists on their device.

The decrypted AES key is then used to decrypt the actual message content. This entire decryption process happens seamlessly on the recipient's device without requiring any special actions.

Technical Note: The decryption process also verifies the digital signature, ensuring the message was not tampered with during transmission.

Decryption Process

Encrypted Package

RSA-encrypted AES key + AES-encrypted message

Private Key Decryption

Reveals the AES key

Original Message

Plaintext content

See Encryption in Action

Try our interactive demo below to understand how your messages are secured using the Web Crypto API right in your browser!

Step 1: Your Message

Type a message below. This is your original, readable message (plaintext).

Step 2: Generate Keys

Every user has a unique pair of keys: a public key (sharable) and a private key (kept secret). Let's generate a pair for this demo.

Public Key:

Private Key: (Secret - Never share!)

In a real scenario, your private key is stored securely and never shared.

Step 3: Encryption

Now, we use the recipient's public key (in this demo, our generated public key) to encrypt your message. Only the corresponding private key can decrypt it.

Encrypted Message (Ciphertext):

This garbled text is what would be sent over the network. It's unreadable without the private key.

Step 4: Decryption

Finally, the recipient uses their private key to decrypt the ciphertext and reveal the original message.

Decrypted Message:

This demonstration uses the Web Crypto API available in your browser for cryptographic operations.

Ready to try it out? It's completely free.

Create an account to send and receive encrypted messages. No payment or personal information required.

Create your account

By signing up, you agree to our Terms of Service and Privacy Policy.