CipherKit FAQ

Answers to frequently asked questions.


What encryption does CipherKit use?
CipherKit uses two primary encryption libraries: TweetNacl.js and SJCL.js.

The TweetNacl implementation of x25519-xsalsa20-poly1305 is used with 256 bit keys for asymmetric encryption. TweetNacl's randombytes function is used to generate random keys.

The SJCL implentation of AES is used with 256 bit keys for symmetric encryption. SJCL's sha256 implementation is also used.

Our diceware algorithm uses crypto.getRandomValues to generate random numbers.

Non-cryptographic algorithms (e.g. randomly selected background patterns or images) use Math.random() to generate random numbers.
Return to Top


How does CipherKet generate those neato passwords?
Those passwords are generated using our implementation of Bruce Schneier's "diceware" algorithm with the Electronic Frontier Foundation's long word list. Our algorithm uses window.crypto.getRandomValues to generate random numbers.
Return to Top


Why do I need an email address?
CipherKit uses your email address in order to be able to associate your keys with your identity. Additionally, CipherKit will uses your email to send you read receipts and other communications.

If you do not want to associate your everyday email address with your CipherKit account, create a new one with a free provider.
Return to Top