How and where is my key pair generated?

During initial setup of your Threema ID, a key pair for the encryption of messages based on Elliptic Curve Cryptography (ECC) is generated. This key generation is performed directly on your phone, without any server interaction. The private key never leaves your device. The random data necessary for key pair generation is obtained from the phone's random number generator and is mixed with further random data that you generate yourself by moving your finger on the screen. This ensures that even if a weakness is discovered in the phone's random number generator, the private keys of the users cannot be cracked.

For more information about the cryptography in Threema, read the Cryptography Whitepaper.