Security Architecture

Zero-knowledge encryption. Same cryptographic primitives as Signal. Post-quantum ready.

Cryptographic Standards

Built on libsodium — the most audited cryptographic library. No RSA. No legacy. No padding vulnerabilities.

XChaCha20-Poly1305 Encryption

Authenticated encryption for all data. Same cipher used by Signal, WireGuard, and Cloudflare.

  • 256-bit keys with 192-bit extended nonces
  • Poly1305 authentication tag (tamper detection)
  • Unique nonce per encryption operation
  • FIPS fallback: AES-256-GCM available

X25519 Key Exchange

Elliptic curve Diffie-Hellman for secure key agreement. 32-byte keys — 16x smaller than RSA-4096.

  • Curve25519 elliptic curve (128-bit security)
  • No padding schemes — misuse resistant
  • 10x faster than RSA key exchange
  • Post-quantum hybrid: ML-KEM ready

Argon2id Password Derivation

Winner of the Password Hashing Competition. Memory-hard KDF that defeats GPU/ASIC attacks.

  • 128 MB memory requirement per derivation
  • ~500ms computation time
  • Password never transmitted — keys derived locally
  • FIPS fallback: PBKDF2-HMAC-SHA512

Ed25519 Digital Signatures

High-performance digital signatures for audit trails, certificates, and event logging.

  • 32-byte public keys, 64-byte signatures
  • Deterministic — no randomness failures
  • Hash-chained event logs (tamper-evident)
  • Post-quantum hybrid: ML-DSA ready
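
What the "hash-chained event logs" bullet buys in practice, shown as an added example that is not Zeromatics code: each record commits to the hash of the record before it, so an edited or dropped record fails verification. The record layout, function names and the all-zero genesis value are assumptions, and the per-record Ed25519 signature is left out because the Python standard library has no Ed25519; a head hash stored outside the database stands in for it here.

```python
import hashlib
import json
from typing import Optional, Tuple

GENESIS = "00" * 32  # assumed placeholder "previous hash" for the first record

# Constructed sample events, not taken from any real log.
SAMPLE_EVENTS = [
    {"seq": 1, "actor": "alice", "action": "key.create"},
    {"seq": 2, "actor": "bob", "action": "record.read"},
    {"seq": 3, "actor": "alice", "action": "key.rotate"},
]


def digest(prev_hash: str, event: dict) -> str:
    # Canonical JSON so the same event always serialises to the same bytes.
    body = json.dumps(event, sort_keys=True, separators=(",", ":"))
    return hashlib.sha256((prev_hash + body).encode("utf-8")).hexdigest()


def build(events: list) -> list:
    """Return a log in which every record commits to the previous record's hash."""
    log, prev_hash = [], GENESIS
    for event in events:
        record = {"prev": prev_hash, "event": dict(event), "hash": digest(prev_hash, event)}
        log.append(record)
        prev_hash = record["hash"]
    return log


def verify(log: list, trusted_head: Optional[str] = None) -> Tuple[bool, str]:
    """Walk the chain; optionally compare the final hash with a head stored elsewhere."""
    prev_hash = GENESIS
    for i, record in enumerate(log):
        if record["prev"] != prev_hash:
            return False, f"record {i}: broken link"
        if record["hash"] != digest(prev_hash, record["event"]):
            return False, f"record {i}: content does not match hash"
        prev_hash = record["hash"]
    if trusted_head is not None and prev_hash != trusted_head:
        return False, "head does not match trusted value"
    return True, "ok"


if __name__ == "__main__":
    log = build(SAMPLE_EVENTS)
    print(verify(log))                      # intact chain
    log[1]["event"]["actor"] = "mallory"    # edit a stored record in place
    print(verify(log))
```

A log rebuilt from scratch with altered events still verifies on its own; only the comparison against a head value held elsewhere, or a signature over each record, exposes that case.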

What Happens When...

Hacker dumps the database?

They get ciphertext. Mathematical noise. No plaintext. No usable data. No leverage for ransom.

Insider with DB access?

Same result. DBA sees encrypted blobs. Can't read, can't forge, can't leak meaningful data.

Government subpoena?

We can only provide what we have: encrypted data we cannot decrypt. Zero-knowledge means zero access.

Ransomware attack?

Data is pre-encrypted. Attacker can't re-encrypt what's already encrypted. No hostage situation.

Zeromatics itself is compromised?

We never hold plaintext keys. Our servers store only ciphertext. We can't see your data even if we wanted to.

Quantum computers arrive?

ML-KEM / ML-DSA hybrid framework in place. Classical + post-quantum combined. Drop-in upgrade when needed.

Frequently Asked Questions

Why X25519 instead of RSA?

X25519 is 10x faster, uses 32-byte keys (vs RSA's 512 bytes), has no padding vulnerabilities, and transitions cleanly to post-quantum ML-KEM. RSA is legacy.

Can Zeromatics employees see my data?

No. Data is encrypted on your device before it leaves. We store only encrypted blobs that are mathematically impossible to decrypt without your keys.

Is zero-knowledge encryption slower?

XChaCha20 runs at gigabytes/second on modern hardware. Encryption and decryption happen in milliseconds. Users notice zero performance difference.

Can the SDK integrate with existing systems?

Yes. The SDK sits between your application and database as an encryption layer. No system replacement needed. Browser (WASM), native (.NET), and REST API supported.