m Reverted edits by Dappyprivacymatters01 (talk): unexplained content removal (HG) (3.4.12)
new key for Category:End-to-end encryption: " " using HotCat
(15 intermediate revisions by 13 users not shown)
Line 12:
== E2EE and privacy ==
In many messaging systems, including [[email]] and many chat networks, messages pass through intermediaries and are stored by a third party,<ref>{{Cite web|title=Cryptography Concepts
This allows the third party to provide search and other features, or to scan for illegal and unacceptable content, but also means they can be read and misused by anyone who has access to the stored messages on the third-party system, whether this is by design or via a [[backdoor (computing)|backdoor]]. This can be seen as a concern in many cases where privacy is very important, such as businesses whose reputation depends on their ability to protect third party data, negotiations and communications that are important enough to have a risk of targeted 'hacking' or surveillance, and where sensitive subjects such as [[health]], and information about minors are involved{{Explain|reason=how E2EE definition is distinct from Forward secrecy or DTLS|date=June 2020}}.
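Review bot: the `{{Explain|reason=how E2EE definition is distinct from Forward secrecy or DTLS|date=June 2020}}` tag at the end of this paragraph does not match the sentence it is attached to. That sentence lists privacy-sensitive use cases (business data, targeted surveillance, health, minors) and says nothing about forward secrecy or DTLS, so a reader cannot tell what needs explaining here. Suggest moving the tag to the passage that defines E2EE, or answering it there and dropping the tag. It should also sit after the closing full stop rather than before it.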
Line 38:
==== Authentication ====
{{see also|Key Transparency}}
Most end-to-end encryption protocols include some form of endpoint [[Authentication cookie|authentication]] specifically to prevent MITM attacks. For example, one could rely on [[Certificate Authority Security Council|certification authorities]] or a [[web of trust]].<ref>{{cite web|title=What is man-in-the-middle attack (MitM)?
When displayed for human inspection, fingerprints usually use some form of [[Binary-to-text encoding]]{{citation needed|date=June 2020}}.<ref>{{cite journal|last=Dechand|first=Sergej|date=10–12 August 2016|title=An Empirical Study of Textual Key-Fingerprint Representations|url=https://www.usenix.org/system/files/conference/usenixsecurity16/sec16_paper_dechand.pdf|journal=The Advanced Computing System Association|pages=1–17}}</ref> These strings are then formatted into groups of characters for readability. Some clients instead display a [[natural language]] representation of the fingerprint.<ref name="pEp-whitepaper">{{cite web|url=https://pep.foundation/docs/pEp-whitepaper.pdf|title=pEp White Paper|publisher=pEp Foundation Council|date=18 July 2016|access-date=11 October 2016|url-status=live|archive-url=https://web.archive.org/web/20161001160110/https://pep.foundation/docs/pEp-whitepaper.pdf|archive-date=1 October 2016}}</ref> As the approach consists of a [[one-to-one mapping]] between fingerprint blocks and words, there is no loss in [[entropy]]. The protocol may choose to display words in the user's native (system) language.<ref name="pEp-whitepaper"/> This can, however, make cross-language comparisons prone to errors.<ref name="Marlinspike-2016-04-05"/>
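Review bot: in the first sentence of the Authentication paragraph the piped links point at targets that do not match their display text. `[[Authentication cookie|authentication]]` sends a reader looking for endpoint authentication to an article about cookies, and `[[Certificate Authority Security Council|certification authorities]]` points at a single industry body rather than at certificate authorities in general. Suggest linking both to the general articles on those topics. Separately, `{{citation needed|date=June 2020}}` on the binary-to-text sentence is immediately followed by a `<ref>` to Dechand (2016). If that reference supports the claim, the tag is stale and can go. If it does not, the reference belongs with the sentence it actually supports.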
Line 82:
{{DEFAULTSORT:End-To-End Encryption}}
[[Category:Cryptography]]
[[Category:End-to-end encryption| ]]
[[Category:Telecommunications]]
[[Category:Secure communication]]