零点课堂 | What is End-to-End Encryption (E2EE)?(4)

taotao 深度 2021年3月19日
7.82K 0

Exchanging messages

Once the parties have their shared secret, they can use it as the basis for an symmetric encryption scheme. Popular implementations typically incorporate additional techniques for more robust security, but all of this is abstracted away from the user. Once you connect with a friend on an E2EE application, encryption and decryption can only occur on your devices (barring any major software vulnerabilities).

It doesn't matter whether you're a hacker, the service provider, or even law enforcement. If the service is truly end-to-end encrypted, any message you intercept will look like garbled nonsense.

The pros and cons of end-to-end encryption

Cons of end-to-end encryption

There's really only one downside to end-to-end encryption – and whether it's even a downside depends entirely on your perspective. To some, the very value proposition of E2EE is problematic, precisely because no one can access your messages without the corresponding key.

Opponents argue that criminals can use E2EE, safe in the knowledge that governments and tech companies can't decrypt their communications. They believe that law-abiding individuals should not need to keep their messages and phone calls secret. This is a sentiment echoed by many politicians who support legislation that would backdoor systems to allow them access to communications. Of course, this would defeat the purpose of end-to-end encryption.

It's worth noting that applications that use E2EE are not 100% secure. Messages are obfuscated when relayed from one device to another, but they're visible on the endpoints – i.e., the laptops or smartphones at each end. This is not a drawback of end-to-end encryption, per se, but it’s worth keeping in mind.

The message is visible in plaintext before and after decryption.

声明:本文由 Binance撰写,零点财经收录,观点仅代表作者本人,绝不代表零点财经赞同其观点或证实其描述。

本文由 零点财经 作者:tao 发表,其版权均为 零点财经 所有,文章内容系作者个人观点,不代表 零点财经 对观点赞同或支持。如需转载,请注明文章来源。
分享生成图片
76

相关文章

发表回复

零点课堂 | What is End-to-End Encryption (E2EE)?(4)

2021-03-19 9:42:16

Exchanging messages

Once the parties have their shared secret, they can use it as the basis for an symmetric encryption scheme. Popular implementations typically incorporate additional techniques for more robust security, but all of this is abstracted away from the user. Once you connect with a friend on an E2EE application, encryption and decryption can only occur on your devices (barring any major software vulnerabilities).

It doesn't matter whether you're a hacker, the service provider, or even law enforcement. If the service is truly end-to-end encrypted, any message you intercept will look like garbled nonsense.

The pros and cons of end-to-end encryption

Cons of end-to-end encryption

There's really only one downside to end-to-end encryption – and whether it's even a downside depends entirely on your perspective. To some, the very value proposition of E2EE is problematic, precisely because no one can access your messages without the corresponding key.

Opponents argue that criminals can use E2EE, safe in the knowledge that governments and tech companies can't decrypt their communications. They believe that law-abiding individuals should not need to keep their messages and phone calls secret. This is a sentiment echoed by many politicians who support legislation that would backdoor systems to allow them access to communications. Of course, this would defeat the purpose of end-to-end encryption.

It's worth noting that applications that use E2EE are not 100% secure. Messages are obfuscated when relayed from one device to another, but they're visible on the endpoints – i.e., the laptops or smartphones at each end. This is not a drawback of end-to-end encryption, per se, but it’s worth keeping in mind.

The message is visible in plaintext before and after decryption.

声明:本文由 Binance撰写,零点财经收录,观点仅代表作者本人,绝不代表零点财经赞同其观点或证实其描述。