Security

FortKnoxster uses the strongest encryption algorithms and techniques available, combined with blockchain and AI technologies. Our FIPS 140-2 compliant end-to-end encryption design ensures that only you have access to your data; no one else, not even FortKnoxster, can access any of it. FortKnoxster’s cryptography consists of AES-GCM 256-bit symmetric encryption, RSA-OAEP/RSA-PSS 8192-bit encryption with SHA-512 and Elliptic Curve ECDH/ECDSA P-521 encryption.

DieFi Dead Man's Switch

FortKnoxster's Dead Man's Switch feature consists of FortKnoxster's strong end-to-end encryption combined with a decentralized KMS approach that uses proxy re-encryption for secret key sharing, with time-based policy encryption through blockchain smart contracts. FortKnoxster is also built using Arweave, a decentralized permanent storage protocol.

Decentralized DieFi

FortKnoxster’s DieFi core concept is decentralized. FortKnoxster consists of various decentralized components, such as decentralized storage, blockchain technology and a decentralized KMS that protects time-based secrets with proxy re-encryption (PRE).

For more information, please read our article FortKnoxster Decentralized DieFi Crypto Suite.

End-to-End Encryption by Default

All data and files sent and received in FortKnoxster are end-to-end encrypted by default. When you create a FortKnoxster account, several cryptographic keypairs are generated on your local device to encrypt and decrypt messages and files. The private keys are protected with encryption keys derived from your password, which is known only to you.
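The flow described above (a keypair generated on the device, its private key wrapped under a password-derived key) can be sketched with the Web Cryptography API. This is an added example, not FortKnoxster's code: the KDF (PBKDF2-SHA-512), iteration count, salt and IV sizes and all function names are assumptions, since the page does not state them.

```javascript
// Added example with assumed parameters; not FortKnoxster's implementation.
const wc = globalThis.crypto ?? require("node:crypto").webcrypto;
const subtle = wc.subtle;
const EC = { name: "ECDH", namedCurve: "P-521" };
const hex = (b) => Array.from(new Uint8Array(b), (x) => x.toString(16).padStart(2, "0")).join("");

// Password -> AES-256-GCM wrapping key. PBKDF2-SHA-512 and the iteration
// count are assumptions; the page does not name its KDF.
async function deriveWrappingKey(password, salt, iterations = 210000) {
  const base = await subtle.importKey(
    "raw", new TextEncoder().encode(password), "PBKDF2", false, ["deriveKey"]);
  return subtle.deriveKey(
    { name: "PBKDF2", salt, iterations, hash: "SHA-512" }, base,
    { name: "AES-GCM", length: 256 }, false, ["wrapKey", "unwrapKey"]);
}

// Generate an ECDH P-521 keypair locally and return only what is safe to
// store off-device: public key, salt, IV and the wrapped private key.
async function createProtectedKeypair(password) {
  const pair = await subtle.generateKey(EC, true, ["deriveBits"]);
  const salt = wc.getRandomValues(new Uint8Array(16));
  const iv = wc.getRandomValues(new Uint8Array(12));
  const kek = await deriveWrappingKey(password, salt);
  const wrapped = await subtle.wrapKey(
    "pkcs8", pair.privateKey, kek, { name: "AES-GCM", iv });
  return { publicKey: pair.publicKey, salt, iv, wrapped };
}

// Recover a non-extractable private key. A wrong password fails the GCM
// tag check, so the promise rejects instead of yielding a corrupt key.
async function unlockPrivateKey(password, rec) {
  const kek = await deriveWrappingKey(password, rec.salt);
  return subtle.unwrapKey("pkcs8", rec.wrapped, kek,
    { name: "AES-GCM", iv: rec.iv }, EC, false, ["deriveBits"]);
}

// Round trip with a constructed password: the unlocked key must agree
// with a peer on the same ECDH shared secret.
async function demo() {
  const pw = "constructed-sample-passphrase";
  const rec = await createProtectedKeypair(pw);
  const priv = await unlockPrivateKey(pw, rec);
  const peer = await subtle.generateKey(EC, false, ["deriveBits"]);
  const a = await subtle.deriveBits({ name: "ECDH", public: peer.publicKey }, priv, 256);
  const b = await subtle.deriveBits({ name: "ECDH", public: rec.publicKey }, peer.privateKey, 256);
  const wrongRejected = await unlockPrivateKey("wrong", rec).then(() => false, () => true);
  return { same: hex(a) === hex(b), wrongRejected };
}
```

Because the wrapped key is authenticated by AES-GCM, a server holding only `salt`, `iv` and `wrapped` can neither use the private key nor tamper with it undetected; its remaining attack is offline password guessing, which the KDF cost is there to slow down.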

Zero-Knowledge Authentication

FortKnoxster uses a zero-knowledge authentication scheme in which the user’s password never leaves the user’s device, keeping you in control of your private keys and confidential security information. FortKnoxster never transmits or stores passwords in plain text, as these are protected with hash-based encryption for zero-knowledge authentication.

FIPS 140-2 Level 3 Compliant Encryption

FIPS 140-2 is a mandatory standard for the protection of sensitive or valuable data in government- and military-level systems. FortKnoxster uses FIPS 140-2 Level 3 compliant encryption, with hardware security modules (HSMs), to secure customer data and communication at rest and in transit.

Peer-to-Peer Encryption Protocol

FortKnoxster has developed a unique peer-to-peer encryption message protocol between users’ client devices and FortKnoxster’s crypto nodes, which operates in addition to the TLS layer to protect against MITM attacks and prevent unauthorized account access. All critical user actions, such as fetching contacts and their public keys, account synchronization and user settings (like account recovery, password change and two-factor authentication), are both encrypted and cryptographically signed bidirectionally between the user device and the crypto nodes.

Open Source

Our source code is open-sourced on GitHub, which allows security researchers to fully evaluate our end-to-end encryption implementation in our desktop web app and native mobile apps for iPhone/iPad and Android devices.

FortKnoxster Crypto Web: cross-browser cryptographic library implementing the Web Cryptography API for FortKnoxster’s end-to-end encryption and peer-to-peer message encryption protocol.

Security Auditing

All FKX token-related smart contracts have been security audited prior to deployment on the Ethereum and Binance Smart Chain blockchains.

Bug Bounty Program

As security and privacy are our bread and butter, we at FortKnoxster look forward to working with the security community to find security vulnerabilities in order to keep our users and business safe. If you are a security researcher, white hat hacker or developer and want to report a vulnerability, please visit FortKnoxster’s Bug Bounty Programme.