Comment by JW_00000
15 days ago
But if they could give a key to the government agency, it wouldn't be end-to-end encrypted, right? Or are you thinking they would have a copy of users' keys that they gave out? (Which I guess is technically possible.)
They could also cripple user key-generation. E.g. they choose random primes from a known subset. It would make communication crackable while also being difficult to detect.
It would be no different from how multiple devices and users access the same content (chat, shared data, etc.). The government’s keys would always be included in the set which encrypts the real key. They don’t need the users’ key, Apple doesn’t need their private keys. So technically still end to end encrypted, just with a hidden party involved. Users have no way of knowing this doesn’t already happen.
And when their key leaks, it’s as good as no encryption, but still end-to-end encrypted.
If the other end is the government, then it's kinda valid? =)
You can not use a DH key exchange, and create the symmetric key by some procedure that is predictable, or encode the symmetric key with the government's public key and send it to them.
It doesn't stop being end-to-end when you add another end. We often do group chats that way.
Or you can create a side-channel and send all the data there. That would stop it from being end-to-end.
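
Added example, not part of the thread: one audit that relates to the comment above about key generation drawing primes from a known subset. It assumes RSA-style public moduli collected from many users and runs a batch GCD over them; it only flags a generator whose prime pool is small enough that primes repeat among the sampled keys. The sample moduli are constructed from Mersenne primes.

```python
from math import gcd, prod

def product_tree(values):
    """Levels of pairwise products; the last level holds the product of all values."""
    tree = [list(values)]
    while len(tree[-1]) > 1:
        level = tree[-1]
        tree.append([prod(level[i:i + 2]) for i in range(0, len(level), 2)])
    return tree

def shared_factor_audit(moduli):
    """Return {index: common_factor} for each modulus sharing a factor with another.

    Batch GCD: with P the product of all moduli, gcd(n, (P mod n^2) // n) is
    greater than 1 exactly when n has a factor in common with some other modulus.
    A result equal to n itself means every prime of n also appears elsewhere.
    """
    if len(moduli) < 2:
        return {}
    tree = product_tree(moduli)
    remainders = tree[-1]  # [P]
    # Remainder tree: push P down, reducing modulo the square of each node.
    for level in reversed(tree[:-1]):
        remainders = [remainders[i // 2] % (n * n) for i, n in enumerate(level)]
    findings = {}
    for i, (n, r) in enumerate(zip(moduli, remainders)):
        g = gcd(n, r // n)
        if g > 1:
            findings[i] = g
    return findings

def M(e):
    """Mersenne number 2^e - 1 (prime for the exponents used below)."""
    return 2**e - 1

# Constructed sample: Mersenne primes stand in for real key material.
SAMPLE_MODULI = [
    M(61) * M(89),    # generator drawing from a tiny prime pool
    M(127) * M(521),  # independent primes
    M(61) * M(107),   # same pool: reuses M(61)
    M(31) * M(607),   # independent primes
]

if __name__ == "__main__":
    for index, factor in shared_factor_audit(SAMPLE_MODULI).items():
        print(f"modulus #{index} shares factor {factor} with another key")
```

An empty result does not show the generator is sound: a restricted but large prime pool produces no repeats in a small sample.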