X-IM: Encrypted Instant Messaging
XIM: Encrypted Instant Messaging Download the Free X-IM Software Now X-IM Features - Standard and Pro Versions Our security and encryption technology explained. Help section for X-IM Software. Advertising Opportunities Our Privacy Statement



How Strong Is It?

 X-IM's Encryption Protocols and Algorithms are selected and designed to protect the privacy of your communications well into the foreseeable future and beyond.  In other words it is designed well in excess of what is necessary to protect against today's technology.  If a million of today's 3 GHz PCs were connected in parallel to break an X-IM key at its weakest point using today's mathematical knowledge, they would take around one trillion years to complete their task* -- hundreds of times longer than it will take for the Sun to expand into a red giant and make the point moot.

Key Sizes

 We use highly optimized code to allow the use of large key sizes while keeping all cryptographic operations virtually instantaneous.   Encryption technology referred to as "Military Strength" or "Industrial Strength" typically uses 128-bit session keys, 128-bit hash functions, and 1024-bit public/private key pairs.   X-IM uses 256-bit session keys, 160-bit hash functions, and 2048-bit public/private key pairs.

Algorithms and Protocols

The main workhorse of X-IM's cryptosystem is its stream cipher.   In conjunction with its hash algorithm, this is used to ensure that all data (text messages, files, voice or video streams) is both unreadable and unalterable by third parties.   The algorithm used for X-IM's stream cipher is one of the most widely used and trusted algorithms in the field, and is typically referred to by cryptographers as "RC4."   This algorithm is also used in applications such as secure websites (SSL and TLS), secure digital phone lines, etc.   It is most typically used with key sizes of 128-bits and less.   X-IM uses 256-bit keys, and also removes potentially weak keys from the keyset.

X-IM's public/private key operations use the RSA Public Key algorithm.   These operations essentially include the encryption of session keys (for use by the stream cipher), and the signing of keys or hashes, as a means of authenticating the origin of keys or messages.   This algorithm is most typically used with keys of 1024-bits and less.   X-IM uses two 2048-bit RSA key pairs (one pair for encryption and one for signing) for each user installation, and 2112-bit RSA key pairs for the X-IM Server encryption and signing operations.

If you would like a more detailed overview of the workings of Public Key Encryption and Hybrid Systems in general and X-IM in particular, please click here.

X-IM uses the 160-bit SHA algorithm as its hash function.   The hash function is used as part of the encryption and signing protocols in conjunction with the above mentioned algorithms to cryptologically ensure the integrity of all encrypted and signed information, as well other security-related functions.

All algorithms, including the above-mentioned, have historically occasionally been used in poor ways, such that the security of the algorithm has been undermined by the way in which it is used, or its "protocols."   X-IM's protocols are professionally engineered to implement these algorithms correctly and securely.

More Details

For a more detailed look at the structure of the X-IM cryptosystem, click here.



* Based on the described massively parallel computer running at 100,000 teraflops to factor a 2048-bit RSA key using a general number field sieve.   A brute-force attack on the 256-bit session key would take considerably more time.



Download |  Features |  Our Encryption |  X-IM Cryptosystem Overview |  Support |  Contact/About Us |  Advertise |  Press Releases |  Privacy Statement |  Reseller Program

© Copyright 2003-2004 X-IM Software.     X-IM and X-IM: Encrypted Instant Messaging are trademarks of X-IM Software.