Fully encrypted email on every device

Private.Ki encrypts every email directly on your device before it ever leaves it. The encryption happens client-side, using keys that only you control, so the server never sees plaintext at any point. Your messages remain encrypted in transit and at rest, and only the recipient's device can decrypt them. This ensures that neither Private.Ki nor any intermediary can access the content of your communications.

All emails use OpenPGP with asymmetric key pairs, providing battle-tested, widely verified cryptographic security. Messages are encrypted with the recipient's public key and can only be decrypted using their private key. This model ensures that even if someone intercepts the message or compromises infrastructure, they cannot read the content. PGP also provides integrity protection, ensuring messages cannot be altered without detection.

Unlike most encrypted email services, Private.Ki also encrypts subject lines and email metadata. Sender, recipient identifiers, timestamps, routing information, and conversation graphs are not visible to the server. This prevents profiling, social-graph reconstruction, and traffic monitoring based on metadata. Even high-level patterns — who communicates with whom and when — remain private.

Drafts, signatures, and contact data are encrypted locally using AES-GCM, a modern authenticated encryption standard. AES-GCM not only protects confidentiality but also prevents tampering by verifying the integrity of the encrypted data. This ensures that even temporary or unsent content never appears in plaintext on the server or in local storage. Your email drafts remain protected even during the writing process.

When an email arrives already encrypted with the sender's PGP key, Private.Ki adds an additional layer of PGP encryption before storing it. This "encrypt-on-arrival" approach ensures that encrypted messages sent by others remain doubly protected on server storage. Even if storage were compromised, an attacker would face two independent cryptographic layers. This design upholds the zero-access model for both inbound and outbound mail.

Private.Ki reduces observable patterns in how and when your device communicates with our servers. This includes obscuring message timing, request characteristics, and packet sizes when possible. Such obfuscation makes it significantly harder for an external observer to analyze behavior, infer relationships, or identify message flow. Even without reading content, traffic analysis becomes far less effective.

Your private keys are generated and stored exclusively on your device, never transmitted to Private.Ki's servers. All cryptographic operations — encrypting, decrypting, signing — happen locally, ensuring full user control over the keys. Even in the hypothetical case of a server breach, your private keys remain inaccessible. This model forms the foundation of true end-to-end encryption.

Private.Ki handles key generation, rotation, publishing, and retrieval automatically, reducing complexity for users. The system securely manages everything required for PGP to work without exposing sensitive material or requiring technical expertise. Keys are protected by your passphrase and used only within the device's trusted environment. Users get strong cryptography without having to manage it manually.

Private.Ki does not keep identifying logs such as IP address history, login metadata, device fingerprints, or behavior analytics. There is no server-side data that could reconstruct your communication patterns or be correlated back to you. This means there is no traceable record of how, when, or from where you use the service. Combined with encrypted metadata, this forms a zero-knowledge communication environment.

Private.Ki fully supports VPN and Tor without any functional limitations or reduced capabilities. You can create an account, send mail, and sync devices entirely over anonymizing networks. This allows fully pseudonymous use without revealing your actual network identity. Private.Ki's architecture is designed to remain secure and functional even under network obfuscation layers.