Secure Transfer Protocol and Privacy

Deep Dive: The RavenSMS Secure Transfer Protocol – Engineering Connectivity Without Compromise

At the heart of the RavenSMS application lies a sophisticated and multi-layered transfer protocol, meticulously engineered to transform the limited SMS channel into a secure, reliable, and feature-rich communication pipeline. This document outlines the core architecture and innovative principles of this proprietary protocol.

Protocol Architecture: A Layered Approach

The protocol is structured in distinct layers, each responsible for a specific aspect of data integrity, security, and delivery. This modular design ensures robustness and allows for future enhancements.

1. The Encoding Layer: Ensuring Universal Compatibility

The outermost layer is responsible for preparing the final data payload for transmission across diverse global telecom networks, which often have strict character set limitations.

  • Custom GSM-7 Encoding (Default): Our default encoding uses a custom-extended GSM-7 character set, engineered to maximize data density within a single SMS. This results in the smallest possible message size, reducing transmission costs and increasing efficiency.
  • Base64 Encoding (Reliable Fallback): For maximum compatibility across all networks, especially those with legacy or restrictive infrastructure, the protocol can employ standard Base64 encoding. This ensures reliable transmission where our custom encoding might face barriers.
  • Stealth Encoding (Privacy-First): To enhance operational security (OPSEC) and reduce metadata footprint, our custom Stealth encoding generates payloads that structurally mimic natural human conversation patterns. While not using real words, it avoids unusual symbol combinations, making encrypted messages less conspicuous to automated scanning systems and blending seamlessly within a normal message history.

2. The Encryption Layer: Guaranteeing Confidentiality

Beneath the encoding lies the core of our security: strong, standardized encryption.

  • Algorithm Selection: The protocol employs AES symmetric encryption. The key strength is tiered to user needs: AES-192 for standard users and AES-256 for enterprise-grade security requirements.
  • Initialization Vector (IV): A unique, cryptographically secure random IV is used for each message, ensuring that even identical plaintexts produce completely different ciphertexts, preventing pattern analysis.

3. The Packaging Layer: Headers, Compression, and Integrity

This layer constructs the final packet, managing metadata, optimizing size, and guaranteeing data integrity.

  • Structured Header: Each packet contains a header with essential metadata, including:
    • Unique Message IDs
    • Protocol Version Flags
    • Feature Flags (indicating compression, message type, etc.)
    • This structured header makes the protocol a true competitor to online chat platforms, supporting complex messaging features within the confines of SMS.
  • Smart Compression: User data is intelligently compressed before encryption.
    • The system dynamically selects from multiple tested algorithms, with Deflate often chosen for its superior performance on text-based data.
    • Compression is not forced. The engine performs a cost-benefit analysis; if compression does not reduce the final size, the original data is transmitted instead.
    • This process typically achieves a 1.5x to 5x reduction in size, significantly decreasing the number of SMS messages required for longer texts or data.
  • Data Integrity Protection: The protocol is inherently sensitive to manipulation. Integrity checks are performed at each layer, making Man-in-the-Middle (MitM) attacks detectable. Recipients are notified immediately if a message fails integrity verification.

4. Local Data Sovereignty and Recovery

A key innovation separates transmission security from local storage security, ensuring user data remains accessible.

  • On-Device Re-encryption: Upon receipt, messages are decrypted and immediately re-encrypted using a key derived solely from the user’s master password. This key never leaves the device.
  • Password-Based Recovery: This architecture means all local data can be recovered solely by remembering the master password, even after a device is lost, wiped, or the app is reinstalled. Connection keys used for transmission can also be backed up separately for restoration.

5. Additional Security & Privacy Innovations

The protocol’s principles extend to the entire application ecosystem:

  • System-Wide Message Encryption: An optional feature allows RavenSMS to encrypt all SMS messages on the device—even those from non-RavenSMS contacts—protecting them from other applications with SMS read permissions.
  • Confidential Messages: For sharing highly sensitive data like credentials, users can send “Confidential” messages. These are double-encrypted with separate AES keys, not compressed to avoid potential metadata leaks, and protected with another AES keys which is generated and transmitted at connection stage.
  • Conversation Vault: Individual conversations and their associated contact information (name, image) can be locked behind biometric or PIN authentication, hiding their contents from plain view.

Conclusion: Mindful by Design

The RavenSMS Transfer Protocol is not merely a set of rules for data transfer; it is a thoughtfully constructed framework. Its layered, versioned, and modular design is built with future-proofing in mind, allowing for continuous improvement while maintaining backward compatibility. It represents a significant engineering achievement: delivering modern, secure messaging features without reliance on internet infrastructure, central servers, or compromises on user privacy.