This application is a product of IranCubator 2 app incubator initiative.

Nahoft

Nahoft (meaning "hidden" in Farsi) is a state-of-the-art encryption mobile app custom-built for Iranian users. While not a messenger, it can be used with any messaging app. If there is an internet shutdown or if the international messaging apps are unavailable, Nahoft can make private communication secure in an insecure network (National Internet Network aka NIN). Nahoft was created for Iranian activists, journalists, civil society organizations, and regular people so that they can safely access information, exchange ideas, advocate for human rights, and continue to organize undetected by the regime.

Nahoft has been downloaded over 22000, and has been featured in several media pieces worldwide such as Vice News and WIRED, has been selected by YouFab as a winning finalist, and has been added to Rights CoLab's Mapping Civil Society Innovation initiative. The app is currently in a new round of development.

This is a screenshot of an article by Vice about Nahoft. Click to read the full article.
This is a screenshot of an article by Trend Watching about Nahoft. Click to read the full article.
This is a screenshot of an article by Wired about Nahoft. Click to read the full article.

Click on the image to read the full article!

- Adam Jacob, CEO and Co-Founder at System Initiative

“Milad brings a fierce intelligence and passion to product work. He's built products that have dramatically impacted the lives of millions of people, and he's done it under truly complex conditions. He's an incredible asset to any product team.”

Key insights from the report included:

Iran's National Information Network (internal internet aka NIN) cannot be completely isolated from the global internet due to critical dependencies - government institutions, financial systems, and diplomatic channels require external connectivity. Even during shutdowns, some connections must remain open, creating inherent vulnerabilities in the system.

  • NIN faces significant technical limitations, including:

  • Lack of adequate search engine capabilities

  • Heavy reliance on foreign hardware/software infrastructure

  • Poor alternatives to common services (social media, messaging, etc.)

  • Dependency on Chinese technology and expertise

Multiple experts agreed that secure communication within such a network is possible through message encryption (particularly using public-key encryption and data encapsulation techniques) rather than trying to mask user identities. The most secure approach suggested was embedding encrypted messages within regular files (images, audio) while maintaining normal usage patterns to avoid detection.

See the full report here.

1. Origination of the Idea and Validation through User Research

Nahoft was born from within the organization, inspired by Reza Ghazinouri (a senior advisor at United for Iran and currently a product manager at Google) and a journalist. The need for a secure communication tool arose from the increasing risks faced by activists and journalists due to internet shutdowns and government surveillance in Iran.

To validate the idea, the team conducted a series of interviews with experts and activists to assess the necessity of such a tool. These interviews revealed that existing popular messaging platforms (like What’sApp, Telegram, and Signal) were unreliable during internet blackouts, and there was a growing need for a tool that could work offline while maintaining high standards of encryption and security.

2. Addressing the Feasibility Risk: In the search of the Right Technical Partner

After validating the concept, our highest priority was to address the feasibility risk of the product. Not having the relevant technical expertise in house or within our network, we created a basic wireframe to evangelize the app idea and vision to potential contributors and technical partners in conferences and through newsletters and article pieces. This wireframe illustrated the core features, including offline encryption, secure message transmission, and steganography.

During one of my presentations at a webinar, the idea caught the attention of Operator Foundation, a group specializing in encryption, steganography, and obfuscation. Their technical expertise made them the perfect partner for Nahoft, and together, we began developing the app.

3. Building the MVP

Given the complex technical requirements, we prioritized feasibility risks in the development of the Minimum Viable Product (MVP). The focus was on ensuring the encryption, steganography, and offline functionality worked effectively. Over six months of close collaboration with the Operator Foundation, we developed an MVP that”

Implemented state-of-the-art encryption with both steganography and obfuscation features which successfully demonstrated the feasibility of the core concept.

Encryption: Nahoft uses strong encryption to transform text into an unreadable format, ensuring that messages remain confidential and secure.

Steganography: It employs steganography to hide these encrypted messages within images, concealing the fact that they contain secret information.

Obfuscation: The app also uses a form of obfuscation by making the encrypted text appear as a harmless string of words, which adds another layer of security through ambiguity.

Offline Capability: Significantly, Nahoft's encryption works offline, which is crucial in areas with internet blackouts or heavy censorship.

With the MVP validating our approach, we moved forward with more advanced development.

4. Refining the UX/UI and Enhancing the Technology

After the MVP was complete, we focused on significantly improving the usability of Nahoft. Given the complexity of the app's functionality, it was essential that it remain intuitive and user-friendly for all types of users. This phase involved:

  • Enhanced UX/UI Design: We worked with the designers to redesigned the app interface through multiple rounds of user testing, and created a new version of wireframing.

  • Advanced Encryption: We enhanced the encryption technology to ensure it was more resilient to threats from surveillance services and restricted governments. The goal was to make Nahoft robust enough to resist advanced security breaches.

The app also went through two rounds of third-party penetration testing to ensure its security was airtight, and accessibility testing to improve its usability for individuals with different needs. This feedback helped us refine the app even after its public release.

5. Release and Rigorous Testing

While the app still required further refinement in terms of mass user-friendliness, we released Nahoft to a limited group of activists, our primary target audience, who urgently needed secure communication tools. Even after the public release, we continued to rigorously test and refine the app to ensure it met the highest standards of security and accessibility.

6. Recognition and Future Development

Nahoft quickly gained recognition from major publications, including Wired and Vice, for its innovative approach to secure communication. The app was widely praised for addressing a critical need and became one of the most invested products within the IC2 program due to its high impact potential.

As the IC2 program approached its final phase, we secured ongoing funding for Nahoft’s future development. Currently, the second version of the app is under development, focusing on improving usability for a broader audience and enhancing the encryption technology even further.