PrivMX Architecture

The PrivMX Architecture provides a specification and tools for creating client-server applications with increased data security. It combines a zero-knowledge server architecture, client-side encryption, a secure communication protocol and an independent public key infrastructure. The PrivMX Architecture is based on and inspired by TLS, IMAP, PGP, CONIKS (Key Transparency) and Bitcoin technologies, and uses proven algorithms such as AES, ECC, ECDH, SRP, PBKDF2 and HMAC-SHA256.


PrivMX Architecture – whitepaper (pdf)


  • General information
  • Client-server communication – PrivMX addresses, Service Discovery procedure, PrivMX TLS protocol, PrivMX Proxy.
  • PrivMX server – ECC keys as identifiers and access rights, data blocks, descriptors, mailboxes, messages, public and private users’ data.
  • Standard PrivMX client library – Extended ECC keys, creating accounts, login and initialization of the client, files and directories, sending and receiving messages, data sharing.
  • PrivMX PKI – private database of keys with public history of changes, downloading and verifying public keys, audits, consensus, web-of-trust, example of using PrivMX PKI.

The PrivMX Architecture is one of the most important “ingredients” used by Simplito to design and implement encrypted business applications.