Newbie-please explain the strength of followin…

HI there:) can anyone please explain shortly, how (relatively) secure you personally would deem a messaging app`s privacy concept, if the app implements things like:

1) “messages, voice messages and files/pictures are exchanged between peers using WebRTC data channels”

2) “video/audio calls are based on WebRTC media channels”

3) “Information is always Client-side encrypted with dynamic keys.”

4) WebRTC multimedia calls and data channel exchanges are end-to-end encrypted using the Secure Real-time Transport Protocol (SRTP) and the Stream Control Transmission Protocol (SCTP) over the Datagram Transport Layer Security (DTLS) protocol.

–Current modes used for – video: AES_CM_128_HMAC_SHA1_80 – data/audio: AES_CM_128_HMAC_SHA1_32.

5) “The local data base storing profiles, contacts, relationships attributes and exchanged contents on the device is encrypted using SQLCipher- algorithm is 256-bit AES in CBC mode. Each database page is encrypted and decrypted individually. Every page write includes a Message Authentication Code (HMAC_SHA1) of the ciphertext and the initialization vector. SQLCipher encrypts data pages in journal files.”

6) Perfect forward secrecy: Yes

7) Authentication: No

8) Renting dedicated bare servers – control all software running on the hosts and in the VMs


Found here