Security
Military-Grade Security Architecture for Sensitive Communication
Sanket is built on the assumption that the server cannot be trusted. End-to-end encryption, hardware-backed key storage, TLS 1.3, certificate pinning, and a zero-knowledge server model combine to ensure that sensitive communication remains protected even if the infrastructure is compromised.
What this means
The platform, in plain terms
Signal Protocol with Double Ratchet key derivation - each message session generates unique ephemeral keys
Perfect Forward Secrecy: compromising a current key cannot decrypt any past communication session
Zero-knowledge server design - the backend stores ciphertext only, never decryptable content
Hardware-backed private key storage on supported Android and iOS devices via secure enclave
TLS 1.3 with certificate pinning prevents man-in-the-middle attacks on the transport layer
No third-party analytics, advertising SDKs, or telemetry that could expose communication metadata
Deployable in air-gapped environments with no external certificate authority or foreign infrastructure dependency
Zero-knowledge by design
Privacy architecture
Privacy begins with architecture, not policy. Sanket's zero-knowledge design means the platform operator - including Tosh Defence Private Limited - cannot access message content, group membership, or communication metadata. This structural guarantee is stronger than any privacy policy.
Signal Protocol · PFS · E2E
Security model
The threat model for sensitive communication includes compromised infrastructure, network interception, and insider access at the platform operator. Sanket's architecture defeats all three: E2E encryption defeats interception, zero-knowledge server defeats infrastructure compromise, and certificate pinning defeats network MitM attacks.
Cloud · Whitelabel · Air-Gap
Deployment control
Security controls are matched to the risk level: Sanket.Chat for public privacy-first communication, Sanket.Work for organisational deployment with admin governance, and Sanket.Enterprise for air-gapped environments where even the transport infrastructure must be under the customer's control.
Zero commercial data extraction
No advertising model
Sanket has no advertising business model and no user profiling. Your communication metadata is not a product. There are no third-party analytics integrations that monetise your operational data.
Signal Protocol - open, audited, battle-tested cryptography
Perfect Forward Secrecy on every session
Zero-knowledge server: no plaintext stored or accessible
Hardware-backed key storage on supported devices
Deployment path
Choose the right tier for your organisation
Sanket.Chat
Individual - Privacy-first end-to-end encrypted messaging for users who want Signal-class security without an account linked to a phone number.
Sanket.Work
Organisation - Whitelabel encrypted messaging platform with full admin governance, branding, and managed deployment - your data, your rules, your brand.
Sanket.Enterprise
Critical / Classified - Air-gapped on-premise deployment for defence forces, governments, and critical infrastructure where no external dependency is acceptable.
Achieve cryptographic assurance that message content cannot be read by the server operator, transit infrastructure, or any third party - backed by Signal Protocol, not policy promises
Harden the attack surface against nation-state and advanced persistent threat actors through Perfect Forward Secrecy, certificate pinning, and hardware-backed key storage
Pass security assessments and audits with a well-documented, open-protocol cryptographic architecture designed for independent review
Frequently asked questions
What encryption protocol does Sanket use?
Sanket uses Signal Protocol - the same open, independently audited cryptographic protocol used by Signal, WhatsApp (for E2E), and several other privacy-first platforms. It provides end-to-end encryption with Double Ratchet key derivation and Perfect Forward Secrecy.
What is Perfect Forward Secrecy and why does it matter?
Perfect Forward Secrecy means each communication session generates unique ephemeral encryption keys. If an attacker compromises a device or intercepts a key in the future, they cannot use it to decrypt past sessions. Every conversation is cryptographically isolated.
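The forward-secrecy property described above can be seen in the Signal-style symmetric KDF chain, one half of the Double Ratchet. The block below is an added illustration, not Sanket's or Signal's code: it derives one-time message keys with HMAC-SHA256, keeps only the current chain key, and shows that a copy of the chain state taken after message 3 yields the keys for messages 3 and 4 but none of the earlier ones. The root key is a constructed demo value, and the DH ratchet step that the full protocol mixes in is omitted.

```python
import hashlib
import hmac
from typing import Dict, List, Tuple

# Signal-style KDF chain step: the current chain key is split into a one-time
# message key and the next chain key using HMAC-SHA256 with the 0x01 / 0x02
# domain-separation constants. HMAC is one-way, so the previous chain key
# cannot be recovered from the next one.
def kdf_ck(chain_key: bytes) -> Tuple[bytes, bytes]:
    message_key = hmac.new(chain_key, b"\x01", hashlib.sha256).digest()
    next_chain_key = hmac.new(chain_key, b"\x02", hashlib.sha256).digest()
    return next_chain_key, message_key


class SendingChain:
    """Holds only the *current* chain key. Used chain and message keys are
    overwritten immediately, which is what makes the chain forward secret."""

    def __init__(self, chain_key: bytes) -> None:
        self.chain_key = chain_key
        self.counter = 0  # index of the next message key to be issued

    def next_message_key(self) -> Tuple[int, bytes]:
        self.chain_key, mk = kdf_ck(self.chain_key)  # old chain key discarded
        index, self.counter = self.counter, self.counter + 1
        return index, mk


def message_keys(root: bytes, count: int) -> List[bytes]:
    """Message keys a legitimate sender derives for messages 0..count-1."""
    chain = SendingChain(root)
    return [chain.next_message_key()[1] for _ in range(count)]


def keys_derivable_after_compromise(chain: SendingChain, total: int) -> Dict[int, bytes]:
    """Keys computable from a copy of the chain state taken right now: every
    message key from the current counter onward, and nothing earlier."""
    stolen = SendingChain(chain.chain_key)
    stolen.counter = chain.counter
    derivable: Dict[int, bytes] = {}
    while stolen.counter < total:
        index, mk = stolen.next_message_key()
        derivable[index] = mk
    return derivable


# Constructed demo root key (stands in for the output of the initial handshake).
DEMO_ROOT = hashlib.sha256(b"constructed demo root key, not a real secret").digest()


def demo(total: int = 5, compromised_after: int = 3) -> Tuple[List[bytes], Dict[int, bytes]]:
    sender = SendingChain(DEMO_ROOT)
    sent = [sender.next_message_key()[1] for _ in range(compromised_after)]
    attacker_view = keys_derivable_after_compromise(sender, total)  # state copied here
    sent += [sender.next_message_key()[1] for _ in range(total - compromised_after)]
    return sent, attacker_view
```

Note that the copied state still yields the keys for messages not yet sent on this chain; in the full Double Ratchet that window is closed at the next DH ratchet step, which the page's "Perfect Forward Secrecy" claim does not cover on its own.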
What does zero-knowledge server mean in practice?
The Sanket server stores only ciphertext - encrypted message data that it cannot decrypt. Even a Sanket server operator with full database access would see only encrypted binary data. Decryption requires the private keys that exist only on the user's device.
How are encryption keys protected on devices?
On devices that support it - most modern Android and iOS devices - Sanket uses the hardware secure enclave (Android Keystore / iOS Secure Enclave) to store private keys. Keys are generated on-device and never exported or transmitted.
Can Sanket's security architecture be independently audited?
Yes. Sanket is built on open cryptographic protocols (Signal Protocol) that have been independently audited by academic and security research teams. The deployment model and server architecture can be reviewed during a security assessment process.
How does certificate pinning protect against network interception?
Certificate pinning prevents man-in-the-middle attacks where an attacker presents a fraudulent certificate to intercept TLS traffic. Sanket pins to known certificates so the application refuses connections to infrastructure that cannot prove its identity.
Start with a conversation, not a commitment
Tosh Defence Private Limited works with security-conscious organisations through a structured evaluation process. Tell us about your threat model and we will show you the right deployment path.