¶ Social Encryption™
Social Encryption™ (SE) is a quantum-resistant technology that allows one or more people to communicate with end-to-end encryption (E2EE) across a network without exchanging key over that network. Instead of traditional network key exchanges, SE uses a symmetric key derived from shared sources of entropy: passphrases, files, images, or any other offline or online data that the participants already have access to.
By drawing on shared knowledge and experience, SE leaves no network trace. The network has no way of knowing that a shared key exists or that any secure data has been exchanged between parties.
SE is a rolling cipher algorithm, meaning each entropy line is derived from a separate source and compounded into a final AES-256-GCM shared key used for E2EE. SE keys are identified across the network using a SHA-512 hash derived from an HMAC (hash based message authentication code), allowing participants to know which SE key to use for decryption without revealing any of the underlying entropic data.
SE keys are also the foundation of Quantum Rooms, Polynom's quantum-resistant ephemeral rooms.
Example: Alice asks Bob if he still has a photo they took together on holiday last year. He does. She then asks if he remembers the name of her favorite restaurant. He does. They each add these two items to Polynom's Social Encryption engine and can now communicate with fully encrypted messages that are unique to them alone, with no key ever transmitted over the network.
¶ What is an SE Key?
An SE Key is a symmetric encryption key derived from sources of entropy that only you and your intended recipients know. SE Keys are created and managed entirely by you, exist only on your device, and are never transmitted over any network.
SE Keys are the mechanism behind several of Polynom's most powerful privacy features. They are used to encrypt Socially Encrypted Rooms, to create and access Quantum Rooms, to add a user controlled layer of encryption to Call Rooms, and to encrypt Sticky Notes. Any content encrypted with an SE Key is indecipherable to anyone who does not possess it, including server administrators.
¶ How to Create an SE Key
The best way to understand SE keys is to look at Example Key 1 in your Polynom client. Click the key icon in the Toolbar, select Example Key 1, and read through its entropy entries to get a feel for what kind of data can be used. Not that more entropy lines do not necessarily produce a stronger key. A single file or image is sufficient to generate a strong key.
To create your own SE key:
- Click the + Add Key icon, give your key a name, and click Create
- Click the new key to open it and begin adding entropy
- Browse to a file or image on your device to use as an entropy source
- Optionally, assign a glyph, emoji or image to the key for easier identification
- Optionally, add a description to the key
- Optionally, enter something in the Salt field for additional entropy
- Click Add Entropy to add another entropy line if desired
- Click Update to save and finish your key
The process works the same way on mobile, though some screens are combined into a single view
