How MeshCore Keeps Messages Safe
MeshCore protects your communications through proven encryption, decentralized architecture, and transparent open-source code.
Security As Foundation, Not Feature
Off-grid MeshCore communications often involve sensitive content: your location during backcountry trips, your group's whereabouts, coordination with companions. MeshCore was engineered with security as a core architectural principle, not a marketing afterthought.
Messages travel via LoRa radio through a decentralized mesh. No central servers store your data. No company can hand over what it does not possess. Security still depends on the actual implementation details, so RegionMesh now describes those details more carefully.
RegionMesh helps communities across America establish secure, resilient off-grid communications. Independent, free, built on cryptographic foundations trusted worldwide.
Security Architecture
Current Private-Message Encryption
Private messages are encrypted in the current MeshCore implementation, which upstream code and docs describe as AES-128 block encryption with MAC validation.
Secure Key Exchange
MeshCore relies on shared keys and MAC validation in the current implementation. RegionMesh no longer presents it as a modern per-conversation protocol like Signal.
Serverless Architecture
No central servers exist to store, analyze, or surrender messages. Data travels directly between devices.
Encrypted Relay
Intermediate nodes forward encrypted packets. RegionMesh avoids overstating the current model beyond what upstream code and docs support.
Open Source Verification
Every line of code is public. Security researchers audit for vulnerabilities. Transparency builds trust.
No Hidden Access
Public code means no secret backdoors. Community verification ensures no surveillance mechanisms exist.
Technical Security Mechanisms
Private-Traffic Protection
Private traffic is encrypted before transmission. RegionMesh now describes that protection in a narrower, more implementation-aware way than classic end-to-end messaging apps.
Distributed Trust
No single point controls security. Even if individual nodes are compromised, the overall system remains secure.
Forward Secrecy Approach
RegionMesh no longer claims forward secrecy here. The current implementation should be described more modestly: useful protection, but with different trade-offs than modern secure messengers.
Integrity Verification
Cryptographic checksums detect any tampering during transmission. Modified messages are identified and rejected.
Security Advantages
Bank-Grade Encryption
Private MeshCore traffic is better protected than open radio traffic, but RegionMesh now avoids broad AES-256 claims on top of the current implementation.
No Corporate Visibility
Unlike iMessage or WhatsApp, no company infrastructure handles your traffic. No terms of service changes can expose your data.
Device-Based Keys
Encryption keys never leave your device. Security depends on your hardware, not external services.
Verifiable Claims
Open-source code means security experts worldwide can verify every claim. No trust required β verify instead.
Resistant To Blocking
Decentralized architecture prevents shutdown or filtering. No central point to target.
Offline Security
Encryption works without internet connection. Full protection even during complete infrastructure absence.
When Security Matters Most
-
β
Backcountry coordination: Share sensitive location and status information without interception concerns.
-
β
Family privacy: Keep personal conversations genuinely private, away from commercial platforms.
-
β
Organizational resilience: Maintain confidential internal communications when regular systems are unavailable.
-
β
Community organization: Coordinate neighborhood activities without surveillance concerns.
-
β
Sensitive circumstances: When discretion matters, MeshCore provides genuine confidentiality.
-
β
Peace of mind: Know your communications are protected by established cryptographic standards.
Security Questions
Is MeshCore Encryption Genuinely Secure?
The current implementation offers useful protection and is materially better than sending radio traffic in the clear. For technical specifics, see our detailed encryption guide, which now reflects the upstream code and documentation more closely.
Could Authorities Access My Messages?
Private messages are encrypted in the current MeshCore implementation. Public channel traffic remains visible to participants on that channel.
What About Metadata Exposure?
Metadata (who contacts whom, when, from where) is more visible than content. For maximum privacy, use pseudonymous identities and disable automatic location sharing.
Is Open-Source Actually More Secure?
Generally yes. Proprietary software requires trusting the company. Open-source enables independent verification by security experts. Transparency provides stronger assurance than promises.
What If My Device Is Stolen?
Device physical security is your responsibility. Protect with PIN or password. Without access to your unlocked device, stored messages remain encrypted.
How Does This Compare To Signal Or WhatsApp?
Signal and WhatsApp encrypt message content but require internet and transit company servers. MeshCore works without internet and has no company servers. Different trade-offs, but MeshCore devices offer greater infrastructure independence.
Communications You Can Trust
MeshCore still offers meaningful privacy advantages for off-grid communications: no central servers, no company in the middle, and encrypted private traffic. RegionMesh now describes the exact cryptography more carefully than before.