Home Log In Create Account Security Info

Security Info

PepperPush uses industry-standard security primitives to provide in-depth protection for your information. Not only does PepperPush use standard security features like TLS to encrypt all communications between your browser/phone to the server, PepperPush also uses end-to-end encryption for your notifications. Notifications are protected by an Encryption Password that only you know, and this Encryption Password never leaves your device. All notifications are encrypted using a secret key derived from your Encryption Password, which means that even in the case of a complete compromise of the PepperPush server or the connection between your device and the PepperPush server, your notifications will still be secure! This is why it is important that your Encryption Password is a strong password and different than your Account Password!

Communications Security

All communcations with PepperPush server are protected by TLS 1.2/1.3 with strong cipher suites using a Let's Encrypt sertificate. DNS CAA records and Certificate Transparency prevent a fradulent certificate from being issues. PepperPush uses the .app TLD which requires TLS for all HTTP connections and is enforced by HSTS pinning of the entire .app domain in the browser. Check out our SSL Labs report.

Account Password Storage

Your account is protected by your Account Password. Only a hash of your password is stored on the server. This hash is calculated using scrypt (N=16384, r=8, p=1) with a user-based salt. If your Account Password is strong, it will take an attacker a long time to guess your password and they will have to specifically target your hash because of the user-based salt.

End-to-End Encryption

Your notifications are protected by your Encryption Password. This is turned into an encryption key using the scrypt PBKDF (N=16384, r=8, p=1) to generate an 128-bit AES key for end-to-end encryption. Your Encryption Password and your derived end-to-end encryption key never leave your devices. Your notifications are then encrypted using AES in GCM mode to not only encrypt but also authenticate your notifications, preventing an attacker from successfully tampering with the ciphertext in any way. In order to view your notifications, you must provide your Encryption Password which will let you verify the integrity of your notifications and decrypt them locally in the browser.

When logging into your account, the Android app and webapp perform local cryptographic operations to verify that your Encryption Password is valid for your account - neither the Encryption Password or derived key material ever leave your device! This is verified by checking that the provided Encryption Password is able to successfully verify and decrypt a randomly generated value for your account when it was created. This procedure makes sure you are always using the correct Encryption Password for your account, while never requiring the Encryption Password to leave your device.

Cryptography Libraries

The webapp uses the SJCL for cryptography operations in Javascript. The server using Pycryptodome for cryptography operations in Python. The Android app uses Password4j and javax.crypto for cryptography operations in Java.

Data Retention

Your notifications are stored in their encrypted form on the PepperPush server for approximately 30 days, after which they are removed from PepperPush.