Zero knowledge messaging. We cannot read your messages.

They're watching. Every message.

Alice
Not secure

Hey, can you send me the account details?

10:42 AM

Sure, the password is Summer2024!

10:43 AM

Got it. What about the PIN?

10:44 AM

It's 4729. Don't share this with anyone.

10:45 AM

Without encryption, every keystroke is exposed.

INTEL BRIEFING

Zero knowledge messaging, literallyzero

'Zero knowledge' gets thrown around a lot. Here's what it actually means inside NoChat's architecture.

CLASSIFIED
DECLASSIFIED

Keys Generated On-Device

Identity, exchange, and session keys are generated in your browser or app via Web Crypto. Private keys are never transmitted anywhere.

CLASSIFIED
DECLASSIFIED

Server Stores Ciphertext Only

The database holds encrypted message blobs, encrypted file references, and public keys. There is no plaintext and no decryption material.

CLASSIFIED
DECLASSIFIED

Subpoena-Resistant by Math

We can't produce what we don't have. Under legal order we can only hand over encrypted blobs that nobody except the endpoints can decrypt.

CLASSIFIED
DECLASSIFIED

Authenticated Encryption

AES-256-GCM ensures tampering is detected. Even a rogue server can't silently modify messages in flight.

Built on auditable, standards-based cryptography. How we secure it

Zero Knowledge + Post-Quantum

Zero knowledge today.
Zero knowledge in 2040.

Classical zero knowledge isn't enough if captured ciphertext can be decrypted decades later. NoChat derives direct-message session keys through a hybrid X25519 + ML-KEM (Kyber-1024) exchange, so the zero knowledge guarantee holds against future quantum attackers too. Groups and calls are on the roadmap.

NIST Approved Standards

The same cryptography the US government will use

ML-KEM

Key encapsulation

Kyber-1024

ML-DSA

Digital signatures

ML-DSA-65 (FIPS 204)

Harvest Now, Decrypt Later

Why this matters today, not tomorrow

Nation states are already storing encrypted communications. When quantum computers arrive, they'll decrypt years of captured data instantly.

NoChat's direct messages get post-quantum key exchange against this threat today

Most mainstream messengers — including WhatsApp and Telegram — still don't offer post-quantum messaging. NoChat ships post-quantum key exchange for your direct messages today.

FAQ

zero knowledge messaging: questions, answered

Common zero knowledge messaging questions, answered plainly.

What is zero knowledge messaging?

Zero knowledge messaging means the service provider has zero ability to read your messages, even with full access to their own servers. The keys that could decrypt your conversations live only on your devices.

How does NoChat achieve zero knowledge?

Key pairs are generated client-side with Web Crypto (P-256 ECDH + AES-256-GCM). Private keys stay in the browser or app and are never transmitted. The server stores encrypted ciphertext and public keys only.

If NoChat gets hacked, are my messages exposed?

No. An attacker who dumps the entire NoChat database would get ciphertext with no decryption keys. There is nothing in the database that can reveal message contents.

Is zero knowledge messaging the same as end-to-end encryption?

They overlap. E2EE means messages are encrypted from one endpoint to another. Zero knowledge adds: the service provider also has no ability to derive, recover, or store the decryption keys. NoChat is both.

Can NoChat reset my account if I forget my password?

Only to the extent that you've backed up your keys. Because we don't have a decryption escrow, we literally cannot recover your past messages for you. That's the cost and benefit of real zero knowledge.

Does zero knowledge mean I can't use NoChat on multiple devices?

No. Multi-device is supported via encrypted key exchange between your own devices, so new devices can receive keys without the server ever seeing them in plaintext.

How can I verify NoChat is actually zero knowledge?

The cryptography is built on open, standardized primitives, and a published crypto inventory documents exactly where keys are generated, that they never leave the device, and that the server schema only holds ciphertext.

Does zero knowledge mean NoChat knows nothing at all?

We know operational data needed to route messages — user IDs, timestamps on delivery, public keys. We don't know message content, file content, or private keys. Zero knowledge is about content, not existence.

Ready to go dark?

Get NoChat for iPhone & Android

nochat-terminal
Loading...
or create an account

No account required. No ads, no data sold. No compromises.

Desktop apps

Join the quiet ones

Join a community that values privacy over convenience.

Open
standards-based crypto
256-bit
AES-256-GCM encryption
Post-quantum
key exchange for DMs

No phone number, no tracking ID

Sign up anonymously. There's no number to link your conversations back to you.

Encrypted on your device

Messages are sealed with AES-256-GCM before they leave your device. The server only ever sees ciphertext.

Verify, don't trust us

Built on open, standardized cryptography — no homegrown crypto. Verify our claims against public standards instead of taking our word for it.