Semaphor aspires to further address decades-old issues with identity and the hostile relationship between user interfaces and secure systems.
These include: password-less sign up, secure device-to- device provisioning, contact cards with visually appealing peer key verification ("the Semaphoric pattern"), and an evolving implementation of Nervous Design. Semaphor's design is a rethink of common UX solutions to the challenges presented by end-to-end encrypted systems. Semaphor focuses on fast and beautiful UX and employs end-to-end encryption for authentication of identities and confidentiality of content. Semaphor is a real-time team collaboration application created by SpiderOak intended to provide an experience comparable to products like HipChat, Slack, or IRC. This document gives an outline of what occurs cryptographically as Semaphor is used, and the interrelationship between objects in the Semaphor object schema. The implementation of Flow is from a single Golang code base on all client platforms. The data structures and sync protocol (the “Flow” technology) are created by SpiderOak and independently reviewed by outside engineers and cryptographers. Bernstein's NaCl (in the form of libsodium) for most cryptographic operations. The Semaphor app provides team collaboration functionality, such as message and file transfer, built with a No Knowledge design, where the vendor or hosting provider is unable to access content sent by the users of the software.
The following white paper outlines the security and encryption used in SpiderOak's Semaphor product.