Sanket संकेत
Your data. Your Control. Your Ownership.
End-to-end encrypted communication for Defence Forces, Government, and sovereign organisations.
What is Sanket
Sanket is a world-class, military-grade, sovereign communication platform for highly sensitive organisations, Defence Forces and Government departments worldwide. It is designed for teams that need encrypted messaging, controlled deployment, whitelabel branding, and full ownership of communication infrastructure.
What this means
संकेत means "Signal" in English
संकेत (SANKET) - Signal. Code. Indication. Covert sign. Used in military contexts for covert signals between forces. The word IS communications - warm, approachable, and unmistakably Indian.
MADE IN INDIA. FOR INDIA. FOR THE WORLD.
A Sovereign Alternative to Consumer Messengers and Foreign Collaboration Suites
Sanket.Chat is built by Tosh Defence Private Limited for organisations that need military-grade communication without surrendering data, policy, infrastructure, or operational control. Deploy it publicly, whitelabel it for your organisation, or run it in an air-gapped environment.
Your Data
Messages, files, and operational information stay inside the deployment boundary you choose. The server is designed to handle encrypted data, not plaintext.
Your Control
Choose public app, whitelabel cloud, or air-gapped on-premise deployment. Define your users, policies, branding, and infrastructure posture.
Your Ownership
Sanket is built for organisations that need accountable ownership of communication, not dependency on a consumer platform or foreign SaaS roadmap.
World-Class Security
End-to-end encryption, zero-knowledge server design, hardware-backed key storage, and audit-ready controls for sensitive environments.
THE PROBLEM
Highly sensitive organisations worldwide still communicate through consumer messengers and foreign SaaS platforms that they do not control. Messages, metadata, files, admin policy, and availability sit outside their ownership boundary. Sanket changes that.
THE SOLUTION
What Sanket Does
Sanket is a world-class, military-grade, sovereign communication platform for highly sensitive organisations, Defence Forces and Government departments worldwide. It is designed for teams that need encrypted messaging, controlled deployment, whitelabel branding, and full ownership of communication infrastructure.
Sanket can run as a free public peer-to-peer app, a whitelabel cloud solution for sensitive organisations, or an air-gapped on-premise deployment for defence forces and government departments. No foreign analytics, no consumer advertising model, and no uncontrolled data flow.
CAPABILITIES
Key Features
End-to-End Encryption
Signal Protocol with Perfect Forward Secrecy - every message uses a fresh key. No server can decrypt your communications, ever.
Organisation Hierarchy
Role-based access built around your command structure - Commander, Officer, Viewer. Not a generic enterprise org chart.
Flash Broadcast System
Four priority tiers: FLASH / IMMEDIATE / PRIORITY / ROUTINE. Mandatory read acknowledgements for critical orders. Auto-escalation if FLASH goes unread.
Classified File Vault
AES-256-GCM encrypted file sharing with sensitivity labels (Restricted / Confidential / Secret), digital watermarking, and access revocation.
Threat Monitoring Dashboard
Real-time anomaly detection - failed logins, unusual access patterns, off-hours activity. Full tamper-evident audit log of every action.
Complete Data Sovereignty
Hosted on your own servers or government cloud. No foreign infrastructure. No foreign data flows. Fully auditable at any time.
Certification Ready
Built with security certification pathways in mind - adaptable to your country's classified communication standards and compliance requirements.
Offline-Capable
Message queue persists and syncs on reconnect - works in forward areas with intermittent connectivity.
MULTILINGUAL SUPPORT
Available in 26 Languages
Every user, officer, employee, and responder uses Sanket.Chat in their own language. Full interface localisation - not just translation.
हिन्दी
Hindi
বাংলা
Bengali
தமிழ்
Tamil
తెలుగు
Telugu
मराठी
Marathi
ગુજરાતી
Gujarati
ಕನ್ನಡ
Kannada
മലയാളം
Malayalam
ਪੰਜਾਬੀ
Punjabi
ଓଡ଼ିଆ
Odia
অসমীয়া
Assamese
English
English
العربية
Arabic
Français
French
Deutsch
German
Español
Spanish
Português
Portuguese
Русский
Russian
日本語
Japanese
한국어
Korean
中文
Chinese
ไทย
Thai
Tiếng Việt
Vietnamese
Türkçe
Turkish
Nederlands
Dutch
Italiano
Italian
SECURITY ARCHITECTURE
Built to Withstand Nation-State Adversaries
Sanket.Chat uses established cryptographic primitives and deployment controls designed for sensitive organisations and sovereign security review.
Key Agreement (1:1)
X3DH
Extended Triple Diffie-Hellman with ephemeral keys for Perfect Forward Secrecy
Message Ratchet
Double Ratchet
Unique encryption key generated for every single message - compromise of one reveals nothing else
Message Encryption
AES-256-GCM
Authenticated encryption - tampered messages are automatically rejected
Group Encryption
Sender Keys
Per-group encryption chain that rotates automatically when members leave
File Encryption
Double-Layer AES-256-GCM
Per-file random key + conversation key wrapping - even file names are encrypted
Key Derivation
HKDF-SHA256
Unique conversation key derived per group - following RFC 5869
Password Hashing
Argon2id
Memory-hard password hashing - winner of the Password Hashing Competition
Transport Security
TLS 1.3 Only
Certificate pinning enforced - man-in-the-middle attacks are blocked at the transport layer
Local Database Encryption
AES-256 Encrypted
Device database fully encrypted at rest with hardware-derived key material
Private Key Storage
Hardware-Backed Keychain
Private keys stored in hardware security module - never leave the secure chip
Two-Factor Authentication
TOTP (RFC 6238)
Time-based one-time passwords as a mandatory second factor
Random Number Generation
OS-Native CSPRNG
Cryptographically secure random number generation via OS hardware
Zero-Knowledge Server Design
Even with full database and storage access, the server cannot read a single message. All encryption and decryption happens exclusively on your device.
Threat Model - Who We Defend Against
Nation-State SIGINT
TLS 1.3 transport encryption plus end-to-end AES-256-GCM. Double Ratchet ensures Perfect Forward Secrecy - past messages safe even if current keys are compromised.
Compromised Server
Zero-knowledge architecture. Server stores only ciphertext blobs - no key material, no plaintext, no file metadata. Full database access reveals nothing.
Rogue CA / MITM Attack
Certificate pinning enforced at the application layer. Connections to servers with unexpected certificates are blocked before any data is transmitted.
Compromised Device
Private keys stored in hardware security module. Local database fully encrypted at rest. Tamper detection on key material integrity.
Insider Threat (Server Admin)
End-to-end encryption excludes the server from the trust boundary entirely. Admin sees encrypted blobs - same as an external attacker.
Physical Device Seizure
Hardware-backed key protection. Encrypted local database. Admin-gated device trust approval - seized devices can be revoked instantly.
Audited Cryptographic Libraries
DRDO SAG Compliance
DEPLOYMENT OPTIONS
Product Tiers
Sanket.Chat
Free public app for secure peer-to-peer communication.
Sanket.Work
Whitelabel cloud solution for sensitive organisations that need secure internal messaging, admin controls, and rapid rollout.
Sanket.Enterprise
Air-gapped on-premise solution for defence forces, government departments, intelligence agencies, and critical infrastructure.
WHY NOT A FOREIGN ALTERNATIVE?
Why Sanket?
“Your communications should never force you to surrender data ownership. Sanket.Chat keeps control with you.”
INTEGRATION
Works With
DESIGNED FOR
Who It Serves
Proudly Made in India
Engineered in India with world-class standards. Deployable anywhere in the world. Full source code available for sovereign audit. No vendor lock-in. No foreign dependencies.
Ready to See Sanket in Action?
Working prototype available within 30 days. Schedule a live demo with our team tailored to your operational requirements. Anywhere in the world.