Peerio

Peerio was a cross-platform end-to-end encrypted application that provided secure messaging, file sharing, and cloud file storage. Peerio was available as an application for iOS, Android, macOS, Windows, and Linux. Peerio (Legacy) was originally released on 14 January 2015, and was replaced by Peerio 2 on 15 June 2017. The app is discontinued.

Messages and user files stored on the Peerio cloud were protected by end-to-end encryption, meaning the data was encrypted in a way that could not be read by third parties, such as Peerio itself or its service providers. Security was provided by a single permanent key-password, which in Peerio was called an "Account Key".

The company, Peerio Technologies Inc., was founded in 2014 by Vincent Drouin. The intent behind Peerio was to provide a security program that is easier to use than the PGP standard.

Peerio was acquired by WorkJam, a digital workplace solutions provider, on January 13, 2019.

Features
Peerio allowed users to share encrypted messages and files in direct messages or groups that Peerio called "rooms".

Peerio "rooms" were offered as a team-oriented group chat, allowing administrative functionality to add and remove other users from the group chat.

Peerio allows users to store encrypted files online, offering limited cloud storage for free with optional paid upgrades.

Peerio messages and files persist between logins and hardware, differing from ephemeral encrypted messaging apps which do not retain message or file history between logins or different devices.

Peerio supported application based multi-factor authentication.

Peerio allowed users to share animated GIFs.

End-to-End Encryption
Peerio utilized end-to-end encryption and it was applied by default to all message and file data. End-to-end encryption is intended to encrypt data in a way that only the sender and intended recipients are able to decrypt, and thus read, the data.

Taken from Peerio's privacy policy:

"Peerio utilizes the NaCl (pronounced "salt") cryptographic framework, which itself uses the following cryptographic primitives: Additionally, Peerio uses scrypt for memory-hard key derivation and BLAKE2s is used for various hashing operations.
 * X25519 for public key agreement over elliptic curves.
 * ed25519 for public key signatures.
 * XSalsa20 for encryption and confidentiality.
 * Poly1305 for ensuring the integrity of encrypted data.

For in-transit encryption, Peerio Services used Transport Layer Security (TLS) with best-practice cipher suite configuration, including support for perfect forward secrecy (PFS). You can view a detailed and up-to-date independent review of Peerio's TLS configuration on SSL Labs."

Code Audits
Prior to Peerio's initial release, the software was audited by the German security firm Cure53, which found only non-security related bugs, all of which were fixed prior to the applications release.

According to Peerio's website, the application was also audited in March 2017 by Cure53.

Open Source
Peerio was partly open source and published code publicly on GitHub

Bug Bounty
Peerio offered a bug bounty, offering cash rewards for anyone who reports security vulnerabilities.

Peerio (Legacy)
The first iteration of Peerio, Peerio (Legacy), was developed by Nadim Kobeissi and Florencia Herra-Vega and was released on 14 January 2015 and was closed on 8 January 2018.

Peerio (Legacy) was a free application, available for Android, iOS, Windows, macOS, Linux, and as a Google Chrome extension. It offered end-to-end encryption, which is enabled by default. The encryption used the miniLock open-source security standard, which was also developed by Kobeissi.

On 15 June 2017, Peerio 2 was launched as the successor to Peerio (Legacy). According to the company's blog, Peerio 2 is purported to be a "radical overhaul" of the original application's core technology. Claimed benefits in comparison to Peerio (Legacy) include increased speed, support for larger file transfers (up to 7000GB), and a re-designed user interface. Peerio also stated an added focus towards businesses looking for encrypted team collaboration software.