WhisprChat Compliance

Encryption Usage

• WhisprChat uses end-to-end encryption to secure private messages.
• All cryptographic operations use Apple’s CryptoKit framework.
• No custom or proprietary cryptography is implemented.

Algorithms

• Key Agreement: P256 Elliptic Curve (ECDH)
• Message Encryption: AES-GCM (128-bit) for confidentiality and integrity

Compliance

• WhisprChat qualifies for exemption under Category 5, Part 2 of the U.S. Export Administration Regulations (EAR).
• The app is a general consumer messaging app; it is not designed for government, military, or regulated industry use.
• No VPN, proxy, or tunneling functionality is provided.

Data Handling

• Communication is peer-to-peer over Bluetooth Low Energy (BLE) and WiFi Direct.
• No central servers are used for message relay or storage.
• Messages and contacts remain local to the user’s device.

Intended Use Cases

• Personal communication in offline or low-connectivity environments
• Travel, outdoor events, festivals, emergency preparedness
• Privacy-first scenarios with no accounts, no servers, no tracking

Reviewer Notes (App Store)

WhisprChat uses Apple’s CryptoKit with P256 key agreement and AES-GCM. It does not implement custom cryptography. The app provides offline, peer-to-peer messaging and does not provide VPN, proxy, or tunneling capabilities. It uses Apple APIs (CoreBluetooth and Network.framework) exclusively.

Contact

WhisprChat Development Team
privacy@derrytech.com