What is end-to-end encryption

Viewed 2,621 times

16

I hear a lot about this end-to-end encryption business, but I can’t quite understand why it’s called the "safest option for privacy". I have some doubts and have listed them below:

  • What is it?
  • How does it work?
  • Is it inviolable?
  • Is there a way to do it in PHP?
  • What are its advantages and disadvantages?

3 answers

10


Usually the term is used outside the context of programming. Although what we typically do in a web application is technically similar to end-to-end encryption, by the definition of the term it is something different. The term is used to indicate the security of data traffic between two private agents without interference from any third party.

This end-to-end means that the communication takes place between two endpoints. This is used in emails and instant messages, things that usually don’t go through a server, or do so only transiently.

The term is not used when a client communicates with a server. Although it is technically possible to use PHP to make end-to-end communication, it is not usually used for this.

Let’s say you create applications that do end-to-end encrypted communication going through your PHP server. If the communication really is end-to-end, your PHP application doesn’t even need to know the content; it only handles generic data. It doesn’t know whether it’s encrypted or not, it doesn’t know what’s in there. If it needs to and can tell, then you no longer have end-to-end communication.

And this "can tell" can be direct or indirect. Even if the communication is all encrypted, if there’s some way around it, we’re already seeing a flaw and I don’t think the term could be used. In particular, the exchange of encryption keys can become problematic. And I don’t see how to solve this through browsers.

The main advantage of it is precisely not letting intermediaries interfere with the content. A downside is that the two ends need to ensure secure communication by their own means, and this is not simple to do, mainly because users (in general they are laypeople) need to take actions that they do not understand and may get wrong.

Any security is inviolable until someone breaks it. As the term is only a concept and not a specific technology, it can be more or less inviolable depending on what is being used and how.

Let’s assume you have a JavaScript application on your phone and a PHP application on your home computer. Neither is compromised, and they have effective means of encrypting the data they exchange between themselves without intermediaries, possibly even via HTTPS. I think we can say that PHP was used for end-to-end communication. Technically I think it’s E2E. But doing this isn’t typical, and it’s not even simple. And it doesn’t even make much sense; there are better ways and technologies to get the same or a better result.

Some technologies used to ensure secure end-to-end communication:

They are all specific ways of using "traditional" encryption. They work at the application layer. The user is responsible for making them work. They use an application from one vendor, an encryption utility from another, a transport from another, an intermediary server (when there is one) from another, a certificate from another, and the job of putting all this together falls to yet another, which should preferably be the user himself. They should all be trusted. Ideally they should be publicly audited. A service like Telegram seems to solve a large part of the difficulties but has a problem: they provide everything that is needed. You have to trust them. There can’t be any back door. And many companies have one, so as not to have legal problems.

All encryption is done between the end parties, and even if the encrypted data goes through intermediaries, until proven otherwise they cannot have access to the plaintext data, not even for a moment, or the concept is violated.

I doubt it is possible with current technology for standard web pages to do the whole process on their own without intermediaries, at least for key exchange.

It is possible to make applications for E2E communication using other protocols, or even web protocols, but differently from browsers.

It would probably still need a server to put the two ends in touch, which is already a breach of privacy because someone will know who is contacting whom. Ever thought about that? Privacy and total E2E inviolability are very hard to achieve, even in real life.

If the applications at the ends provide all the means to do the rest of the communication, exchanging keys that can be authenticated (this needs a personal certificate) without those keys being usable to decipher the transmitted data by anyone who is not an end, it is E2E.

Making a chat and guaranteeing things that you cannot, or do not know how to, effectively guarantee can bring legal problems, depending on how it is sold to the end user. How do you ensure inviolability while being an intermediary? It is possible but not simple to implement, especially using fragile technologies like PHP scripts and browsers. It will certainly not be reliable if messages and keys are stored on the server in databases or in other ways.

I’m not an expert on the subject, but in general that’s it.

Trying to bring together all the pieces of the subject:

  • Interestingly, I thought it was an algorithm or something of the kind; Telegram, for example, uses end-to-end to save your data. I have some questions, I think you can clarify them for me: "This is used in emails and instant messages, things that usually don’t go through a server, or do so only transiently." How do they not go through the server? Doesn’t the data have to be saved in a database, for example? I got lost there..

  • Well, I developed a project and from the beginning I found the idea of leaving the database’s data "raw", without any kind of protection, absurd. Since then I encrypt my saved data and decrypt it when displaying it to the end user. An example of this was a chat I developed: all chat data was recorded in the database, all of it encrypted, and when listing it I decrypted it.. The question is: can this be considered end-to-end encryption? Or does the fact that the data passes through my server change that..?

  • Instant messaging doesn’t usually go through one. In the case of email it does, but if the encryption was done between the clients only (usually with PGP), the server does not participate in the encryption process; although it is an intermediary agent of the transport, it is not an agent of the application. For the server it is just indecipherable data. Only the clients will know what to do with this data. This is different from data traffic between a browser and a PHP server under normal conditions. There the server participates, and whoever has access to the server can intercept the data at a given moment.

  • This chat example is not end-to-end; your server is participating and may interfere with the process. You, the owner of the chat, are at neither one end nor the other. Only the people talking are. You’re an intermediary and you can tell what’s going on in the conversation. And other people could too, if they could access your server. Encrypting the data in the DB does not guarantee much. Is the transport encrypted? Are you using HTTPS, for example? When it arrives at the server it is decrypted, and until you encrypt it to put it in the database, it is unprotected.

  • Really, I’m very confused at the moment. I thought I was doing it the right way; my God, did I mess up my project? Anyway... But shouldn’t the data be saved? Like, how do they display the already exchanged conversation then?

  • What I think can be considered end-to-end is if the encryption happens in the browser and the traffic is independent of the protocol, and you take this data already encrypted and cannot do anything with it other than write it and send it to another place; you cannot read or change it. Then only those who can be considered the owner of this data (one way or another) could receive and decrypt it.

  • Now it’s clearer to me, i.e. I (the server) just use the data to send it to another person; that was clear, but how would this encryption be done in the browser, HTTPS?

  • 1

    What I can tell you is that almost no one understands security, even experienced developers. I even know some security experts, who are far beyond my level, who make several mistakes on the subject. If you want to ensure security, hire an expert. Security is an extremely tricky topic. Somehow a chat needs to be saved. This is a very naive way to do this. Unless you want to save the conversation history, you have exactly zero reasons to save the data. Depending on the case, the server does not even need to exist for the chat itself.

  • Thank you so much I will study and do research, Thank you!!

  • 1

    It can’t be HTTPS; it has to use its own means, with its own keys that the users have, and to do it right they must have personal certificates, something that almost nobody has, and they don’t even imagine how to make it work. It’s complicated for lay users, and only they can do this on their computers (of course they can ask a technician, but you as a server can’t help at all). This is more or less what I said in the answer. The subject is too extensive to fit into a question. To understand everything you would have to ask very specific questions.

  • 1

    Understand that end-to-end cannot be influenced by intermediaries. You, as the server in this example you are using, cannot help users have end-to-end security/privacy. Only they can do something. The most you can do is provide a script that makes their lives a little easier, plus instructions on what to do, but the rest is up to them. If you meddle, technically speaking, it is no longer end-to-end. And even this script can already compromise it, because they would have to trust it, trust that you did not fail them, on purpose or unintentionally.

  • 2

    "since then I encrypt my saved data and decrypt it when displaying it to the end user" And where do you keep the key? Have you considered that if an attacker has access to your server, he will see not only the encrypted messages but the key as well? The only exception is if this key is outside the DB, in a settings file for example; SQL injection is a very common attack, far more common than complete access to your file system. That is, it helps a little, yes, but it’s not nearly as safe as simply storing raw data. Sometimes the simplest is better.

  • I have been searching and did not succeed: is there some way to send information from user 1 to user 2 without needing a server (I don’t see how, because the server directs the data, but ok), so as to achieve end-to-end...?

  • That’s already another question, but for the standard web? Not that I know of. The web is not the solution to all problems.


6

Maniero’s answer already explains what end-to-end is; I will only complement it by addressing your specific questions:

Is it inviolable?

Nothing is inviolable. Just by way of example:

  • If a computation is occurring on the server, the server may intrude on it (it is not end-to-end);
  • If the server only sends you the code (JavaScript, for example) and all encryption/decryption occurs in the browser, it looks fine. But if you don’t trust the server, how do you know it’s sending the right JavaScript? It could replace your script with another one, one that bypasses the encryption and sends the original data somewhere else...
  • If you are using a program installed on your computer, and not a web page, I ask: where did you download this program from? Do you trust your supplier? It could have a backdoor to access your data before encryption...
  • You got the program in source form, checked it was all right, and compiled it yourself. Ok, but is your compiler reliable? Where did you get it, do you trust your supplier? And the computer this program is running on, does it actually do what you tell it to do? Does it have no backdoor in the operating system, or even in the hardware itself?

    (Note: this last item is quite extreme, but it illustrates the point I want to make, that you always have to trust someone.)

Is there a way to do it in PHP?

As already explained, if PHP processes the data in plain form, it is no longer end-to-end. And if it serves the code that will be used for the end-to-end encryption, in principle that’s all right, but ultimately either the user trusts the system, or he will not execute code served by that system...

Its advantages and disadvantages

The main advantage is the reduction of attack opportunities, by reducing the number of third parties you need to trust. As I said, it is not possible to eliminate the need for trust, but reducing it is already progress.

The biggest disadvantage is that responsibility for security falls on the shoulders of the end user. If they are not well trained, their experience with the system will be severely impaired. As an example, let’s say your server stores past communications in an archive. At a certain point, the user forgets his password. Normally you could reset it, but if this password is responsible for deriving the encryption key, and you do not know it (remember: otherwise it would not be end-to-end), by resetting it the user loses access to his entire archive...

In the same vein, if Alice wants to communicate with Bob, both need to exchange keys and/or certificates in order to establish the end-to-end communication. Can your server help with this? Not at all! If it participated in the key exchange, it would be in the perfect position to execute a man-in-the-middle attack... Your users need to do this exchange and/or identity verification by a secure means, for example in person. If any of them take a "shortcut" (say, sending the key by e-mail) it already compromises the security of the communication (what if the email provider replaces the key with one in its own possession?). Etc..

Overall, I would say that the benefits are few and the costs are quite high, unless you have a very specific need and are willing to use the most suitable software for it (preferably made by experts, and not home-made; Maniero already mentions some, I would add GPG and Enigmail for sending emails). In my company, for example, we use ordinary email for everything; only when we need to send something very confidential (a password, for example) do we make use of these tools. It doesn’t pay off; there has to be a good reason behind it...

  • It’s complicated; as you said, everything needs a point of trust. I’m trying to create an end-to-end chat application, but apparently I won’t be able to use that slogan..

  • I have been searching and did not succeed: is there some way to send information from user 1 to user 2 without needing a server (I don’t see how, because the server directs the data, but ok), so as to achieve end-to-end...?

  • @user3715916 The issue is not whether to use a server or not, but to ensure that only users 1 and 2 have access to the content in its original form. If the content is encrypted and the server doesn’t have the key, then it’s okay. The hard part is getting user 1 and user 2 to exchange keys without the server gaining access to them. P.S. If you’re still interested in server-less communication, study peer-to-peer. Here is an example of a project where users communicate directly with each other, without a server.

  • Thanks for the link and the additional information. I’m studying a little and I ran into the problem you mentioned: "The hard part is getting user 1 and user 2 to exchange keys without the server gaining access to them". Is there some article or something of the kind that explains how to exchange keys without anyone else knowing them?

  • May I suggest this article on Wikipedia (in English). Do not expect to find a 100% solution, since this is an open problem... But from this article you can study and evaluate the main existing solutions (Public Key Infrastructure, PKI, and the Web of Trust), as well as their limitations.

0

A service like Telegram seems to solve large parts of the difficulties but has a problem, they provide everything that is needed. You have to trust them. You can’t have any back-door.

I just wanted to add that Telegram is the best recent example I’ve seen of end-to-end encryption, but that’s it: it uses their servers. However, by consulting the code, you can get an idea of what the structure is like. You can see it here, in the GitHub links they post.

Here they explain superficially how they use end-to-end encryption in secret chats:

When a secret chat is created, the participating devices exchange encryption keys using the so-called Diffie-Hellman key exchange. After the secure end-to-end connection has been established, we generate a picture that visualizes the encryption key for your chat. You can then compare this image with the one your friend has; if the two images are the same, you can be sure that the secret chat is secure and no man-in-the-middle attack can possibly succeed. (Link)
