Ciphr Mail enables users to send end-to-end encrypted emails protected by ECC448 and AES-256 encryption. It is also compatible with external networks using RSA 4096.
Ciphr Mail FAQs
When you reactivate your Ciphr Mail app, it creates a new set of encryption keys, including your "public key" used by your contacts to encrypt emails sent to you. If the sender has your old public key in their app's cache memory, incoming emails will not decrypt properly.
To fix this issue, the sender will need to clear their Ciphr Mail cache so that their Ciphr Mail app can access your new public key.
To clear the Ciphr Mail cache:
- Open Ciphr Mail
- Open the Ciphr Menu by tapping on the Ciphr logo in the top left corner.
- Select "Settings"
- Select "Emails"
- Select "Clear Cache"
The labels at the top of a Ciphr Mail provide you with confirmation about the security properties of the email.
ECC ADV Encrypted: This is the encryption key ID.
Trusted: This indicates that the user's public key matches the one they uploaded to Ciphr.
Signed: The signature (generated by the hash algorithm) has been validated against the sender's public signing key. In order words: it came from who it says it came from.
You may wish to regenerate keys if you prefer the improved security that comes with a regular rotation of key material, you are having difficulty decrypting emails, or if your contacts are having difficulty emailing you .
If a contact that you've communicated with in the past regenerates their keys, this might cause them to receive emails that are not decrypted (garbled text). This is because the email was sent is using their old "Public Key" that is still stored in your Ciphr Mail cache memory. If this happens, you must clear the cache memory to force the Ciphr Mail application to fetch their new "Public Key" from the server.
Keys can be regenerated by following these steps
- Launch Ciphr Mail and unlock it with your password
- Tap on the Ciphr logo on the top left of the screen
- Tap on "Settings" and then "Security"
- Tap on "Regenerate Keys"
- Enter your password to confirm and tap on "REGENERATE KEYS"
- Highlight last option (which will regenerate all 3 sets of keys)
- Tap on the "checkmark" on the top right of the screen to start the regeneration
You can send and receive emails from some external networks given both Ciphr and the external network are compatible. When emailing an external network, the encryption standard used is RSA 4096 bits. For the strongest email encryption, we recommend communicating to a Ciphr Mail account which will used the more advanced encryption standard ECC448.
These are the security details of your email, and this information is stored only on your device.
- ECC ADV Encrypted: This is the encryption key ID.
- Type: This is the key exchange mechanism.
- Size: This indicates the size of the key in bits.
- Email: This is the email address tied to the key.
- Creation Date: This is the time of creation of the key, not the message.
- Fingerprint: This is a longer form of the key ID.
- Trust: This indicates that the user's public key matches the one they uploaded to Ciphr.
- Hash: This is the hash algorithm used to generate the digital signature attached to each message from that user.
- Cipher: The cipher used to encrypt the message contents.
- Expiry: This indicates the validity period of the key. However, Ciphr never limits key validity, but third-party RSA keys might specify one.
Want to learn more about Ciphr?
Visit our blog for more helpful information.