FortKnoxster uses the strongest encryption algorithms and techniques available, combined with Blockchain and AI technologies. Our FIPS 140-2 compliant end-to-end encryption design ensures that only you have access to your data and no one else — not even FortKnoxster can access any data. FortKnoxster’s cryptography consists of AES-GCM 256-bit military grade encryption, RSA-OAEP/RSA-PSS 8192-bit encryption with SHA-512 and Elliptic Curve ECDH/ECDSA P-521 encryption.
FortKnoxster's Dead Man's Switch feature consists of FortKnoxster's strong end-to-end encryption combined with a decentralized KMS approach that uses proxy re-encryption for secret key sharing, with time-based policy encryption through blockchain smart contracts. FortKnoxster is also built using Arweave, a decentralized permanent storage protocol.
All data and files sent and received in FortKnoxster are end-to-end encrypted by default. When you create a FortKnoxster account, several cryptographic keypairs are generated on your local device to encrypt and decrypt messages and files. The private keys are protected with encryption keys derived from your password, which is known only to you and nobody else.
FortKnoxster uses a zero-knowledge authentication scheme in which the user’s password never leaves the user’s device, keeping you in control of your private keys and confidential security information. FortKnoxster never transmits or stores passwords in plain text, as these are protected with a hash-based encryption for zero-knowledge authentication.
FIPS 140-2 is a mandatory standard for the protection of sensitive or valuable data in government and military-level systems. FortKnoxster uses FIPS 140-2 level 3 compliant encryption for securing customer data and communication at rest and in transit, with hardware security modules (HSM).
FortKnoxster has developed a unique peer-to-peer encryption message protocol between users’ client devices and FortKnoxster’s crypto nodes, to protect against MITM attacks and prevent unauthorized account access, besides the TLS layer. All critical user actions such as fetching contacts and their public keys, account synchronization and user settings (like account recovery, password change and two-factor authentication), are both encrypted and cryptographically signed bidirectionally between the user device and the crypto nodes.
FortKnoxster clients apply cryptographic authentication using AES-GCM, an authenticated encryption with associated data (AEAD) mode, to ensure data integrity and authenticity, and to avoid tampering. The key is only known to the user’s client and those they share the file with, not the server.
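The password-protected private keys and AES-GCM tamper detection described above, sketched with the Web Cryptography API as an added example (not FortKnoxster's code). PBKDF2-SHA-512, its iteration count, the salt and IV sizes, and all function names are assumptions, since the page does not name its key-derivation function or storage format.

```javascript
// Added illustration; not FortKnoxster's code. PBKDF2-SHA-512 and the iteration
// count are assumptions: the page does not name its key-derivation function.
const wc = globalThis.crypto ?? require("node:crypto").webcrypto;
const enc = new TextEncoder();

// Derive a 256-bit AES-GCM key-wrapping key from the password (stays on the device).
async function deriveWrappingKey(password, salt) {
  const material = await wc.subtle.importKey("raw", enc.encode(password), "PBKDF2", false, ["deriveKey"]);
  return wc.subtle.deriveKey(
    { name: "PBKDF2", hash: "SHA-512", salt, iterations: 210000 },
    material, { name: "AES-GCM", length: 256 }, false, ["wrapKey", "unwrapKey"]);
}

// Generate an ECDH P-521 key pair locally and wrap the private key under the password-derived key.
async function createProtectedKeypair(password) {
  const pair = await wc.subtle.generateKey({ name: "ECDH", namedCurve: "P-521" }, true, ["deriveBits"]);
  const salt = wc.getRandomValues(new Uint8Array(16));
  const iv = wc.getRandomValues(new Uint8Array(12));
  const kek = await deriveWrappingKey(password, salt);
  const wrapped = new Uint8Array(
    await wc.subtle.wrapKey("pkcs8", pair.privateKey, kek, { name: "AES-GCM", iv }));
  const publicKey = await wc.subtle.exportKey("jwk", pair.publicKey);
  // Only salt, iv, the wrapped blob and the public key would ever be stored off-device.
  return { salt, iv, wrapped, publicKey };
}

// Re-derive the wrapping key and unwrap; the GCM tag check fails on a wrong key or altered blob.
async function unlockPrivateKey(password, { salt, iv, wrapped }) {
  const kek = await deriveWrappingKey(password, salt);
  return wc.subtle.unwrapKey("pkcs8", wrapped, kek, { name: "AES-GCM", iv },
    { name: "ECDH", namedCurve: "P-521" }, false, ["deriveBits"]);
}

async function demo() {
  const password = "constructed-sample-passphrase"; // constructed sample value
  const blob = await createProtectedKeypair(password);
  const result = { correct: false, wrongPassword: "accepted", tampered: "accepted" };
  result.correct = (await unlockPrivateKey(password, blob)).type === "private";
  try { await unlockPrivateKey("not-the-passphrase", blob); } catch { result.wrongPassword = "rejected"; }
  const flipped = Uint8Array.from(blob.wrapped);
  flipped[0] ^= 1; // simulate a single-bit modification of the stored blob
  try { await unlockPrivateKey(password, { ...blob, wrapped: flipped }); } catch { result.tampered = "rejected"; }
  return result;
}
```

The unwrapped key is imported as non-extractable, so page script can use it for key agreement but cannot export it again.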
All communication between the client devices (desktop browsers, Android app, iOS app) and the servers is layered with an extra, separate, strict encryption channel using HSM to protect private keys. Only TLS 1.2 and TLS 1.3 are supported, and they are configured with the strongest cipher suites available, such as ECDH with elliptic curve 25519 and RSA 3072-bit, including a 4096-bit Diffie-Hellman parameter for DHE cipher suites. The strong TLS configurations enable HTTP Strict Transport Security (HSTS), OCSP Stapling and Forward Secrecy, and protect against all known attacks such as BEAST, Heartbleed, POODLE and many more.
Our source code is open sourced on GitHub, which allows security researchers to fully evaluate our end-to-end encryption implementation in our desktop web app and native mobile apps for iPhone/iPad and Android devices.
FortKnoxster Crypto Web
Cross-browser cryptographic library implementing the Web Cryptography API for FortKnoxster’s end-to-end encryption and peer-to-peer message encryption protocol.
All FKX token-related smart contracts have been security audited prior to deployment on the Ethereum and Binance Smart Chain blockchains.