Every conversation, file share, or call on UltimaOS begins with an ML-KEM-768 key encapsulation. The encapsulated session key seeds an XChaCha20-Poly1305 symmetric channel that carries the actual content.
01
Conversation setup
When user A opens a chat with user B, the client requests B's ML-KEM-768 public key from the server. The client encapsulates a fresh 256-bit key against it, sends the ciphertext to B, and both sides derive the same session key.
02
File encryption
File uploads generate a per-file 256-bit key. The file is encrypted with XChaCha20-Poly1305, and the file key is encapsulated with ML-KEM-768 against each recipient's public key. Recipients decapsulate to recover the file key.
03
Call key negotiation
Voice and video calls establish a fresh ML-KEM-768 session every 60 seconds, providing cryptographic forward secrecy even within a long call. A passive recorder of one segment cannot decrypt previous or subsequent segments.
04
Group rekeying
Group chats rekey when membership changes. New members receive the group key encapsulated with their individual ML-KEM-768 public key. Removed members lose access because the new group key is not encapsulated for them.