You get the notification in the middle of the night. Your team has identified a breach in a core system on the network, and discovered the cyber-attackers have gained access to corporate servers, user passwords, and possibly more.

You go into action with your response plan, but then realize the attackers may have the ability to read emails or eavesdrop on your communications and observe your response strategy.

What do you do?


Pre-determining a secure method of team communication before an event could prevent a bad situation getting even worse. Teams should have an easy and accessible method to bootstrap secure channels using any available network – be it a public consumer network, or a compromised internal WiFi network. The endpoints should be ubiquitously available to the team, and mobile – such as a personal smartphone.

The British Ministry of Defence had a similar need for their coalition forces. When dropped into foreign territories, they had to assume all available local networks were hostile, yet they needed to somehow bootstrap secure channels over these same networks.

They turned to the world renowned cyber-security team at Oxford University for a solution, who were more than up to the challenge.


The result? A lightweight authentication protocol to create secure channels between two or more endpoints for transmission of sensitive communication data.

Called Hash Commitment Before Knowledge (HCBK), the protocol has been patented in both European and US markets, and is now available commercially for the first time in Scrambl, a highly secure Instant Messaging communications app for smartphones.

Scrambl allows cyber-security teams to have a secure means of communicating amongst themselves at a moments notice. Just open the app on any iOS device, enter the email address of the person you’d like to connect with, and Scrambl runs an authentication process to create an encrypted, secure channel between you and the other party.

Scrambl also works with groups – just add more people to the channel as required, for the ability to chat and share image files in a group session.

Channels can be deleted after use, or left intact for the next incident requiring assurance you’re secure.

Download Scrambl


Scrambl VPC diagram

Scrambl creates authenticated private channels between users. These ‘Scrambl channels’ provide end to end encryption of all messages, with keys only ever being stored on the devices – never on a server.

But most importantly is how Scrambl authenticates users on each end of the channel, — thereby ensuring there can be no “man-in-the-middle” compromising its encryption or privacy.

For professionals requiring absolute privacy in their communications, there is no safer way than Scrambl.


Scrambl is the first commercial deployment of the HCBK (Hash Commitment Before Knowledge) protocol, invented by OxCEPT, a team of security experts spun out from the University of Oxford.

Developed to protect MOD soldiers in the coalition battlefield, HCBK provides military-grade authentication over any network, and has been validated and deemed virtually unbreakable by an independent panel of security experts.