Social Networking for Humans

UTurn White Paper

Understanding End-to-End Encryption in UTurn

Abstract

This white paper outlines the philosophy, implementation, and impact of end-to-end encryption (E2EE) in the UTurn messaging platform. It explains how E2EE protects user communications, how UTurn applies it to one-on-one chats and calls, and why some conversations use a different encryption model. UTurn is committed to strong, user-first privacy without surveillance, profiling, or monetization of personal data.

1. Introduction

UTurn was designed from the beginning with a core principle: you—not your data—are the product. In a digital landscape increasingly shaped by surveillance capitalism, E2EE is not just a technical feature — it’s a statement of values. It ensures that only the intended recipients of a message can access its contents, preventing even the service provider (UTurn) from viewing or altering communications.

2. What is End-to-End Encryption?

End-to-End Encryption ensures that a message or call is encrypted on the sender's device and only decrypted on the recipient’s device. No third party — including UTurn — can access the plaintext data while it is in transit or on the server.

How it Works (Simplified):

  1. Alice sends a message to Bob.

  2. Her device encrypts the message using Bob’s public key.

  3. The encrypted message travels through UTurn’s servers.

  4. Only Bob’s device, holding the corresponding private key, can decrypt it.

This process happens in real-time and is invisible to users, but it ensures that:

  • UTurn cannot read your messages.

  • Network intermediaries (e.g., ISPs, governments) cannot intercept meaningful content.

  • Message integrity is guaranteed; tampering is detected and rejected.

3. UTurn’s Encryption Model

One-on-One Chats and Calls: End-to-End Encrypted

Every one-on-one conversation is fully protected using E2EE:

  • Message payloads and metadata (where possible) are encrypted.

  • Voice and video calls are protected using secure key exchange and encrypted media streams.

  • Keys are stored only on user devices.

  • If devices are changed, a new encryption session is established, and users are notified.

🔁 Group Chats: Standard Encryption

To prevent the misuse of UTurn’s infrastructure for illegal or unethical group activity, group chats use standard encryption, which still:

  • Protects data in transit.

  • Prevents external interception.

  • Avoids long-term data storage.

Importantly, UTurn does not store group messages once delivered. The design balances user privacy with platform responsibility.

4. Cryptographic Protocols Used

UTurn’s E2EE is built on proven cryptographic standards, including:

  • Elliptic Curve Cryptography (ECC) for key exchange

  • AES-256 for symmetric encryption of message content

  • HMAC or SHA-based message authentication for integrity checks

Key exchanges are done using secure X3DH-like protocols with forward secrecy and key rotation.

We intentionally avoid proprietary or obscure cryptography, and no third-party cloud encryption services are used.

5. Threat Model & Protections

UTurn’s encryption is designed to defend against:

Threat Protected By E2EE?
Passive interception (e.g., ISP) ✅ Yes
Malicious server access ✅ Yes
Insider attacks ✅ Yes
Account takeover (new device) ⚠️ Partially (new session starts, old keys invalidated)
Malicious group creation ✅ Mitigated via design tradeoff in group encryption

 

UTurn does not collect user behavior data, conversation metadata, or device fingerprinting. There are no advertising or data-sharing pipelines in place.

6. Design Tradeoffs

UTurn takes the ethical stance of prioritizing safety and privacy over unchecked anonymity in group settings. Full E2EE in large groups often enables coordinated abuse without any accountability. By using standard encryption for group chats, we retain strong security while preserving the ability to responsibly manage misuse at the network level.

7. Transparency & Accountability

UTurn commits to the following:

  • No cloud services or external infrastructure for encryption handling

  • No backdoors or hidden access points

  • No data resale or metadata analytics

  • No advertising model

  • System integrity audits on a regular schedule

We will publish transparency reports and, where possible, open-source parts of our cryptographic implementation for community review.

8. Conclusion

UTurn’s implementation of end-to-end encryption is more than a technical layer—it is a foundation of trust. By encrypting what matters, storing nothing unnecessary, and designing our systems without compromise, UTurn offers real privacy in a world where it’s increasingly rare.

We encourage scrutiny, welcome feedback, and remain committed to defending your right to communicate freely and securely.