Where FoilChat is used?

Example use cases for FoilChat

Strong encryption

FoilChat uses the best encryption algorithms out there, which means no one but the intended recipients can read your messages.

Built-in security

The security features in FoilChat run in the background and can’t be turned off by accident or design – it’s just like any other messenger app, but with more peace of mind.

Remote message removal

Sent a message or file to the wrong person? No problem. FoilChat allows you to delete it from the recipient’s device.

Hacking protection

As passwords are often the weakest link when it comes to security, FoilChat limits the amount of times someone can enter a password to protect against “brute force” hacking attacks.

No password recovery

Password recovery is a security risk because attackers can hack your email account – which is why FoilChat has no password recovery.

Internal messenger option

Businesses can make FoilChat an internal-only messenger to boost security, meaning all users are hidden from outside searches and no one can add outside contacts.

Clear account option

FoilChat allows you to easily and quickly remove all the content in your account.

Protected servers

Our servers are located in a region with strong data protection laws – meaning outsiders cannot legally access them in any situation.

Encryption algorithms

Random numbers

Fortuna PRNG

  • Devised by Bruce Schneier and Niels Ferguson, and published in 2003
  • Based on AES run in CTR mode; Fortuna seeding collects entropy from device sensors as well as SecureRandom or other RNG and is distributed into 32 pools
  • Reseeding ensures security unless the attacker is able to control all entropy going into the system
  • Reseeding is done by hashing specified entropy pools into the block cipher’s key using two iterations of SHA-2(256)

Public-private keys

RSA 4096 bit

  • U.S. Patent 4,405,829
  • An asymmetric cryptosystem where the public key can be distributed by the owner as long as the private key is only known to him or her
  • Used to create a public key to encrypt information that can be shared and a private key for recipients that can decrypt said information

Block cipher algorithm

AES 256 bit

  • Advanced Encryption Standard 256 bit – FIPS 197
  • Most widely used encryption standard today. Currently it is impossible to decrypt data encrypted by AES without knowledge of the key
  • FoilChat uses CBC, one of two block cipher modes recommended by Niels Ferguson and Bruce Schneier
  • Each block of plaintext is XORed with the previous ciphertext block before being encrypted, so every ciphertext block depends on all previously encrypted blocks

Other security features


  • The key derivation function used is PBKDF2 – RFC2898
  • PBKDF2 uses a pseudorandom function to input a password with a salt value, repeating the process to produce the key; the computational load makes password cracking very costly to perform
  • SHA-2 (FIPS 180-4) & SHA-3 (FIPS 202)
  • Hash functions one way functions used to make the input data infeasible to invert
  • TLS1.2 (Transport Layer Security) is used to secure messages between device and server

Encryption protocol overview

Learn more about the technology that makes FoilChat so secure.

Order Encryption Protocol Overview