At PAAVS, "privacy" isn't just a policy—it's physics.

In the traditional email model, providers encrypt your data in transit (using TLS) and at rest (on their servers). But here's the catch: they hold the decryption keys. This architecture allows them to scan your emails to serve targeted ads, train AI models, or respond to government subpoenas without your knowledge.

We built PAAVS differently. We engineered a system where we cannot read your data, even if compelled by law or compromised by an attacker.


What is Zero-Knowledge?

Zero-knowledge encryption means that the service provider (us) acts only as a blind storage locker. We hold the encrypted data, but you hold the only key capable of unlocking it.

The Client-Side Encryption Model

The core of our security model is that encryption happens on your device, inside your browser or mobile app, before any data travels over the network.

1. Key Derivation & Master Password

When you sign up, your Master Password is never sent to our servers. Instead, we use it to derive a cryptographic key locally.


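// Simplified Key Derivation (PBKDF2/Argon2), shown here as PBKDF2 via WebCrypto
const salt = crypto.getRandomValues(new Uint8Array(16));
// Import the password as raw key material; it never leaves the device
const baseKey = await crypto.subtle.importKey(
  'raw', new TextEncoder().encode(password), 'PBKDF2', false, ['deriveKey']);
// The derived key type (AES-256-GCM) is illustrative
const masterKey = await crypto.subtle.deriveKey(
  { name: 'PBKDF2', salt, iterations: 100000, hash: 'SHA-256' },
  baseKey, { name: 'AES-GCM', length: 256 }, false, ['encrypt', 'decrypt']);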

This masterKey is used to encrypt your Private Key. We store the encrypted Private Key, but since we never see your password or the masterKey, we can never decrypt it.

2. The Envelope Protocol

When you compose an email, the following process occurs instantly in your browser:

  1. Session Key Generation: A random 256-bit AES key is generated for this specific email.
  2. Payload Encryption: The email body and attachments are encrypted with this Session Key using AES-256-GCM.
  3. Key Encryption: The Session Key itself is encrypted using the recipient's Public Key (RSA-4096).
  4. Transmission: The encrypted payload and the encrypted session key are sent to our server.

Why Hybrid Encryption?

We use a hybrid approach (RSA + AES) because Public Key Cryptography (RSA) is slow for large data. By encrypting the message with a fast symmetric key (AES) and then encrypting just that small key with RSA, we get the best of both worlds: speed and security.

Threat Modeling

We design our system assuming that our servers are hostile territory.

Scenario A: Database Breach

If an attacker dumps our entire database, they will find only useless blobs of encrypted text. Without your Master Password, these blobs are computationally infeasible to crack with current computing power.

Scenario B: Rogue Employee

A malicious engineer at PAAVS cannot access your inbox. There is no "admin panel" that bypasses encryption because the keys physically do not exist on our infrastructure in a usable state.

The Trade-off

Because we don't have your keys, we cannot reset your password. If you lose your Master Password and your Recovery Code, your data is lost forever. This is the price of true privacy.

Open Source Verification

Trust requires verification. That's why our core cryptographic libraries and client-side code are open source. You don't have to take our word for it—you can inspect the code running in your browser to verify that encryption happens exactly as described.

Privacy is a right, not a luxury feature. Welcome to the void.
