Oversec Help

Symmetric Keys

Note: You don't need any symmetric key if you're using the "simple", password-based encryption or PGP encryption.

Creating a Key

Tap on (+) to create a new key. Select one of the available key types:

Random Key

Creates a random 256-bit secret key.

It is impossible to crack such key, but it will take some effort to securely share it with your remote party.

Please wait a few seconds while Oversec creates the key, then enter an Alias or Name for the key and finally tap the "Save" button.

Password-based Key

Creates a key based on a passphrase.

This is less secure, but you only need to agree on a passphrase, so the other party can generate a matching key.

Note that this is still safer than using the "simple" passphrase based encryption mode, as Oversec will require a lot of computing power to derive a 256 bit symmetric key from the passphrase.

Please enter a secure and long passphrase or tap on "Suggest Strong Password" to let Oversec generate a secure passphrase for you. Then repeat-type the password to make sure you have remembered it. Then tap "continue"

Please wait a few seconds while Oversec calculates a key based on the passphrase, then enter an Alias or Name for the key and finally tap the "Save" button.

Sharing / Importing a Key

The best way to import a key is to directly scan it from the other phone via QR-Code:

Alice

Bob

If you have received an image of the QR-Code some other way:

Sharing

To share a key on an insecure channel (i.e. email)

Backup

To back up your keys by e.g. printing the out on a piece of paper or storing them on removable media:

Confirming Keys

When importing keys from another source, they will be marked as "unconfirmed". This is because keys can possibly be tampered with before you get to import them.

You need to contact the person you got the key from via a secure channel (phonecall?) and compare the key fingerprints. To start this process, open the key and tap the (✓) button