Privacy & Data Security on SuperFam - a foundation of trust
Discover how SuperFam ensures data privacy & security - going above & beyond!
How End-to-End Encryption Keeps Your Family’s Data Safe & Private on SuperFam
In today’s world, privacy and security are more important than ever. At SuperFam, we’ve built our app with your family’s privacy & safety in mind. From sharing precious memories to storing important documents, everything you send or save on SuperFam is protected by end-to-end encryption (E2EE).
What is end-to-end encryption, you ask? End-to-end encryption is a way of protecting your information so that only you and the people you’re communicating with can access it. Think of it as a private, secure envelope that only the sender and receiver can open—no one else, not even SuperFam, can peek inside.
How does this work, and what does it really mean for me and my family on SuperFam? Read on to learn more.
100% Private & Secure 🔐
On SuperFam, your messages & files are protected with end-to-end encryption, meaning only you and the person you're connected to can read them—not hackers, not strangers, not even SuperFam.
You can only chat & share with verified connections - no scams, no spam.
Every conversation gets a unique security key, and new ones are created regularly for extra protection. Even if someone tries to intercept your messages, all they’ll see is meaningless code.
Your family’s chats, tasks, and memories stay completely private—always.
How It Works
Part A: High-Level Overview of Cryptographic Concepts and Algorithms
1. Public and Private Keys: Every device generates a key pair. The private key remains secret, while the public key is shared. These keys allow secure communication by ensuring that even if the public key is known, only the holder of the private key can decrypt data.
2. Ephemeral Keys: Temporary keys generated for a single session. They enhance security because each session has its own keys, so compromising one session does not affect other sessions.
3. Key Exchange: A secure method where two parties generate a shared secret without directly transmitting it. Each party uses their private key and the other’s public (or ephemeral) key to compute the same secret.
4. HKDF (HMAC-based Key Derivation Function): HKDF takes the shared secret and “stretches” it into one or more keys used for encryption. This process refines the raw shared secret into strong cryptographic keys.
5. Encryption Algorithms:
- AES-CBC: Used for encrypting messages.
- ChaCha7539: Employed exclusively for file encryption, ensuring fast and secure file transfers.
- SHA-256 HMAC: Provides data integrity verification, ensuring that the information has not been tampered with.
These techniques work together to ensure that even if someone intercepts the communication, they cannot decipher the content without the corresponding keys.
Part B: Point-by-Point Breakdown of the Process
1. Registration and Key Generation:
Assume 2 users, Ram (Dr) and Shyam (Ds), join SuperFam:
- Each device generates its own public/private key pair.
- The devices register the public keys with the server, receiving a unique key ID for future reference.
2. Connection Request:
Ram Sends a Connection Request to Shyam: Ram initiates the process by sending a request to establish a secure communication channel.
3. Connection Acceptance:
Shyam Accepts the Request: Upon acceptance, the process for establishing a secure session begins.
4. Ephemeral Key Generation and Shared Secret Derivation:
Shyam’s Device (Ds) Actions:
- Retrieves one of Ram’s public keys (PKr) along with its key ID from the server.
- Generates a new ephemeral public/private key pair (EPKs, EpKs).
- Derives a shared secret using Ram’s public key (PKr), Shyam’s ephemeral public key (EPKs), and Shyam’s ephemeral private key (EpKs).
5. Session Setup Message:
Shyam’s Device Sends a Session Setup Message: This message contains the newly generated ephemeral public key and the key ID of the public key used (from Ram).
6. Shared Secret Generation at Ram’s End:
Ram’s Device (Dr) Actions:
- Receives the session setup message.
- Looks up its corresponding private/public key pair using the key ID.
- Uses the received ephemeral key from Shyam to generate the same shared secret.
7. Key Derivation and Encryption:
- Using HKDF: Both devices derive ephemeral secrets from the shared secret.
- Message and File Encryption:
  - Messages: Encrypted using AES-CBC.
  - Files: Encrypted using ChaCha7539.
- Verification: SHA-256 HMAC is used to ensure the integrity of the data.
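
The steps of Part B, sketched with Node.js's built-in crypto module as an added example (this is not SuperFam's code). The page names only the algorithm families, so X25519, AES-256, HKDF over SHA-256, the encrypt-then-MAC ordering, mixing EPKs into the HKDF info, the `example-session-v1` label and every function name here are assumptions; file encryption with ChaCha7539 is not covered.

```javascript
const crypto = require('node:crypto'); // built in; X25519 and AES-256 below are assumptions

// Step 1: the device keeps the private half under the key ID and uploads PKr.
function register(store, keyId) {
  const { publicKey, privateKey } = crypto.generateKeyPairSync('x25519');
  store.set(keyId, privateKey);
  return publicKey;
}

// Step 7: HKDF-SHA256 turns the raw ECDH output into separate AES and HMAC keys.
// Putting EPKs in `info` ties the keys to this session (an assumption).
function deriveKeys(secret, epks) {
  const info = Buffer.concat([Buffer.from('example-session-v1'), epks]);
  const okm = Buffer.from(crypto.hkdfSync('sha256', secret, Buffer.alloc(0), info, 64));
  return { encKey: okm.subarray(0, 32), macKey: okm.subarray(32) };
}

// Steps 4-5 (Shyam): fresh ephemeral pair, ECDH(EpKs, PKr), build the setup message.
function initiate(keyId, pkr) {
  const eph = crypto.generateKeyPairSync('x25519');
  const epks = eph.publicKey.export({ type: 'spki', format: 'der' });
  const secret = crypto.diffieHellman({ privateKey: eph.privateKey, publicKey: pkr });
  return { setup: { keyId, epks }, keys: deriveKeys(secret, epks) };
}

// Step 6 (Ram): look up the private key by key ID, ECDH with the received EPKs.
function accept(store, setup) {
  const privateKey = store.get(setup.keyId);
  if (!privateKey) throw new Error('unknown key ID');
  const publicKey = crypto.createPublicKey({ key: setup.epks, type: 'spki', format: 'der' });
  return deriveKeys(crypto.diffieHellman({ privateKey, publicKey }), setup.epks);
}

const tag = (macKey, body) => crypto.createHmac('sha256', macKey).update(body).digest();
// AES-256-CBC under a random IV, then HMAC over IV || ciphertext (encrypt-then-MAC).
function seal(keys, msg) {
  const iv = crypto.randomBytes(16);
  const c = crypto.createCipheriv('aes-256-cbc', keys.encKey, iv);
  const body = Buffer.concat([iv, c.update(msg), c.final()]);
  return Buffer.concat([body, tag(keys.macKey, body)]);
}

// Verify the tag in constant time before decrypting; CBC alone is malleable.
function open(keys, box) {
  const body = box.subarray(0, -32);
  if (box.length < 64 || !crypto.timingSafeEqual(box.subarray(-32), tag(keys.macKey, body)))
    throw new Error('authentication failed');
  const d = crypto.createDecipheriv('aes-256-cbc', keys.encKey, body.subarray(0, 16));
  return Buffer.concat([d.update(body.subarray(16)), d.final()]);
}
```

Call `register`, then `initiate` on the requesting side and `accept` on the receiving side; both return the same key pair for `seal` and `open`, and a second `initiate` against the same registered key yields unrelated keys.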

Can SuperFam Read My Data? Absolutely Not!
We’ve designed SuperFam to make it mathematically impossible for us to read your data. Here’s why:
Data is only stored on your devices: Unlike other apps, SuperFam doesn’t store your chats, documents, or notes on its servers. Instead, all your data is securely stored locally on your family’s devices.
No access to session secrets: Because your session secrets are generated and stored on your device, even SuperFam can't decrypt your data in transit across the internet & SuperFam's servers.
No hidden software: SuperFam doesn’t include any additional software to analyze your chats or documents for advertising purposes, profiling, or any other reason. You can rest assured that we’re not collecting or monetizing your data in any way.
A digital space for your family - Private & Secure
SuperFam ensures a foundation of privacy & security that your family deserves:
Total Privacy: Whether you’re sharing medical records, personal notes, or sensitive family documents, no one—not hackers, third parties, or even SuperFam—can see your data.
Peace of Mind: With encryption, you don’t have to worry about your family’s private moments or critical information falling into the wrong hands.
Secure Storage: Your data is securely saved only on your devices, not on our servers. Even if someone were to access our systems, they wouldn’t find any of your personal data.
No Ads, No Profiling: Unlike other apps, SuperFam does not analyze your chats & files to create ad profiles or serve targeted ads. Our sole focus is your family’s security and privacy.
How SuperFam Goes Beyond
At SuperFam, we’ve designed every feature—from group chats to file storage—with E2EE as a foundational principle. Whether you’re a tech expert or a casual user, our mission is to make advanced security simple and seamless for your family - as it should be in this digital age.
Location is the only feature that is encrypted but not end-to-end encrypted. This ensures that server-driven features, including sharing securely with multiple family members and sending automatic notifications on leaving or arriving at saved places, all work seamlessly. Location data is flushed from our system frequently, and at any time only the last 10 location coordinates are persisted on our servers.
In Summary
End-to-end encryption ensures that your family’s conversations, documents, and notes stay private and secure. By encrypting everything from the moment it leaves your device to the moment it’s opened by the recipient, SuperFam provides a safe space for your family to connect and share.
With SuperFam, your data is yours—secure, private, and free from interference.
Download SuperFam today and experience the peace of mind that comes with a promise of complete data safety & privacy - exactly what your family deserves!