About EncryptRoom

What EncryptRoom Does

EncryptRoom provides downloadable terminal clients for private live chat rooms on the managed EncryptRoom relay. It is intentionally a live-room system, not a persistent inbox or message history platform.

Core Behavior

• Clients encrypt message payloads before sending.
• Relay forwards ciphertext frames between room members.
• No chat history is stored for later retrieval.
• Clients connect to relay, not directly to each other.
• If you are offline, you miss messages by design.

What Users Receive

• A room bundle with platform-specific terminal clients for Windows, macOS, and Linux.
• Each client includes embedded room invite data so users can join the intended room quickly.
• Participants enter display name and room password in the terminal client at startup.

Room Creation to Live Chat

1. Create a room bundle from the main page.
2. Share the correct client binary with trusted users.
3. User opens client, enters display name and password.
4. Client authenticates and joins the live room.
5. Participants exchange encrypted live messages.

Authentication and Encryption

• Room authentication uses challenge-response verification derived from room secret material.
• Room passwords are used client-side for invite unlocking and are not sent as plaintext relay login secrets.
• Message security uses X25519 + HKDF-SHA256 + ChaCha20-Poly1305 with monotonic counters and replay rejection.
• Display names and message bodies are encrypted inside payloads.

Security Boundaries

• Protects message confidentiality and integrity from relay visibility.
• Does not hide network-level metadata like timing and connection volume.
• Does not protect compromised endpoints (malware, keyloggers, memory theft).
• Membership changes require new room/invite distribution in the current design.

Made by Software for Progress Foundation.

Want to review how the relay works? View the EncryptRoom Open Source project on GitHub →

Back to bundle creator