What is KONCIL?
KONCIL is a web-based, end-to-end encrypted messaging system that supports up to 4096-bit RSA encryption. You can use KONCIL as a secure, eavesdropping-proof chat booth to have an important conversation with one or more people (up to 32) at the same time. Any system with a modern web browser installed can use KONCIL. You can use your laptop, smartphone, or even a public computer to access KONCIL. No administrator privilege, plug-in, or software installation is required. Please note that although some older browsers are supported, we still recommend newer browsers that support HTML5.
When to use KONCIL?
You can use KONCIL as an eavesdropping-proof booth to chat about sensitive material with one or more people (up to 32) at the same time. You can use whichever instant messaging system you like for your daily conversations, and switch to KONCIL when you need to talk about something extremely secretive.
What makes KONCIL unique?
Traditional instant messaging systems or web-based chat rooms do not offer any kind of encryption protection. That means anyone who intercepts your messages can read the content without much trouble. The ISP or the MIS department of your company, for example, can easily intercept and record your unencrypted conversations if they choose to. It is like mailing a postcard to your friend: anyone who handles your card in the postal service can read its content.
Nowadays, more messaging systems and web-based chat rooms use HTTPS (128/256-bit SSL) to ensure that data transfers between the users and their servers are secure. However, SSL does not protect the secrecy of the data when their systems or employees are compromised. Under SSL, the messages are encrypted and then sent from the sender's computer to the server. The server decrypts the messages (a potential leak) and then re-encrypts them before conveying them to the receiver. It is like mailing an international package to your friend: customs will open the package to examine the content, reseal it, and then deliver it to your friend. Customs can still know (or take some pictures of) the content inside the package.
Some no-trace messaging services claim that all chat logs are deleted from their servers, but all you can do is take their word for it. Those companies and their employees can still keep a record if they want to. Recent incidents have shown that stolen data was, in most cases, not intercepted during transmission but actually fetched from the server side. If your life depends on it, will you trust them in the same manner?
What KONCIL offers is an end-to-end encrypted messaging system that supports up to 4096-bit RSA encryption. That means we, on the server side, do not know what the content of the messages actually is. Every message is encrypted on the sender's computer before being sent. Only the receiver's private key can decrypt the message. Even the sender and KONCIL employees cannot decrypt the messages (of course, the sender does not need to decrypt the messages, since he already knows what he is sending). The private key of the receiver is never transmitted or exposed; KONCIL servers never request the private key at all. It is like asking a moving company to deliver a locked safe that contains a letter. The moving company does not have the key to open the safe, and only your friend, who holds the private key, can open the safe and read the letter.
Why does KONCIL offer public chat booths?
While offering the same level of encryption, public chat booths do not require registration. That means anyone can access KONCIL freely without binding his login information to a particular device. Since the private key is the critical part of the whole RSA encryption mechanism, secrecy of the private key becomes the top priority. Every time you use a KONCIL public booth, a new private key is generated (unless you choose to import your own private key). When you log out or close the browser tab, the private key is gone. Even if your messages were intercepted, they will be meaningless, since the private key no longer exists.
Stealing private keys from a particular device is often more cost-effective than setting up a brute-force or man-in-the-middle attack. The disposable nature of KONCIL public booths makes it extremely difficult for attackers to plan an attack on a target, since there is no way for hackers to monitor all the devices you could potentially access in a given time slot.
How does RSA cryptosystem work?
RSA is one of the most widely used asymmetric cryptosystems. Asymmetric cryptography is a type of encryption mechanism that requires two separate components, one of which is secret (the private key) and one of which is public (the public key, or "lock" in the analogy below).
After generating the two components, your friend keeps the private key to herself and sends the open lock (the public key) to you.
Before sending, the messages are sealed by closing the lock provided by your friend. Please note that the closed lock can only be opened with the private key; even you, the sender, cannot re-open the lock once it is sealed. Unlike a real, tangible lock, the private key cannot be obtained by reverse-engineering the lock.
After receiving the sealed messages, your friend can open the lock and read the messages with her unique private key.
Of course, hackers can attempt to break the lock with a brute-force attack, that is, guessing the value of the key by trial and error. However, if the key length is long enough (4096 bits, for example), it would take hundreds, if not thousands, of years for the world's fastest computer to recover the key.
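The lock analogy above, as an added example in textbook RSA (this is illustration code, not KONCIL's implementation): the receiver generates the key pair from two constructed primes, anyone holding the public key can "close the lock", and only the private exponent d opens it again. The primes and the absence of padding are assumptions for readability; real deployments use 2048-4096-bit keys with a padding scheme such as OAEP.

```python
# Added example (not KONCIL's code): textbook RSA on small, constructed
# primes to show the "open lock / private key" mechanics described above.
# Unpadded RSA on tiny primes is for the math only; never use it as a cipher.
from math import gcd


def keygen(p: int, q: int, e: int = 65537):
    """Build an RSA key pair from two primes p and q.

    Returns (public_key, private_key) as ((e, n), (d, n)).
    (e, n) is the "open lock" the receiver hands out; d is the private
    key she keeps to herself and never transmits.
    """
    n = p * q
    phi = (p - 1) * (q - 1)            # Euler's totient of n
    if gcd(e, phi) != 1:
        raise ValueError("e must be coprime to (p-1)(q-1)")
    d = pow(e, -1, phi)                # modular inverse: e*d == 1 (mod phi)
    return (e, n), (d, n)


def encrypt(message: int, public_key) -> int:
    """Close the lock: anyone holding (e, n) can do this."""
    e, n = public_key
    if not 0 <= message < n:
        raise ValueError("message must be an integer in [0, n)")
    return pow(message, e, n)


def decrypt(ciphertext: int, private_key) -> int:
    """Open the lock: only the holder of d can do this."""
    d, n = private_key
    return pow(ciphertext, d, n)


def demo():
    """Round-trip a message and show the sender cannot re-open the lock."""
    # Constructed sample primes; far too small for real use.
    public_key, private_key = keygen(p=1_000_003, q=1_000_033)
    m = 424242
    c = encrypt(m, public_key)
    # The sender only holds the public exponent e. Applying it again does
    # not recover m: once sealed, the lock is closed to the sender too.
    sender_attempt = pow(c, public_key[0], public_key[1])
    return m, c, decrypt(c, private_key), sender_attempt


if __name__ == "__main__":
    m, c, recovered, sender_attempt = demo()
    print(f"plaintext={m} ciphertext={c} decrypted={recovered} sender_attempt={sender_attempt}")
```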