Comment by scripturial
1 day ago
It is possible to set up end to end encryption where two different keys unlock your data. Your key, and a government key. I assume google does this.
1. encrypt data with special key 2. encrypt special key with users key, and 3. encrypt special key with government key
Anyone with the special key can read the data.the user key or the government key can be used to get special key.
This two step process can be done for good or bad purposes. A user can have their key on their device, and a second backup key could be in a usb stick locked in a safe, so if you loose your phone you can get your data back using the second key.
"…two different keys…. Your key, and a government key. I assume google does this."
With the present state of politics—lack of both government and corporate ethics, deception, availability of much fake news, etc.—there's no guarantee that you could be certain of the accuracy of any information about this no matter what its source or apparent authenticity.
I'd thus suggest it'd be foolhardy to assume that total privacy is assured on any of these services.
BTW, I don't have need of these E2E services and don't use them, nor would I ever use them intentionally to send encrypted information. That said, occasionally, I'll send a PDF or such to say a relative containing some personal info and to minimize it being skimmed off by all-and-sundry—data brokers, etc. I'll encrypt it, but I always do so on the assumption that government can read it (that's if it's bothered to do so).
Only fools ought to think otherwise. Clearly, those in the know who actually require unbreakable encryption use other systems that are able to be better audited. If I were ever in their position, then I'd still be suspicious and only out of sheer necessity/desperation would I send an absolute minimum of information.
Yes. There is no ability to know one way or the other if Google, and similar services retain a secondary way to access decryption key. In light of this the only option is to _assume_ they have the capability.
Given the carefully crafted way companies describe their encryption services, it seems more likely than not they have master keys of some sort.
> …there's no guarantee that you could be certain of the accuracy of any information about this no matter what its source or apparent authenticity.
In any case like this, the only thing you could truly trust would be the source code and even then you’d have to be on the lookout for backdoors, which would definitely be beyond my own capability to spot.
In other words, the best bet is to probably only use open source solutions that have been audited and have a good track record, wherever available. Not that there are that many options when it comes to mobile OSes, although at least there are some for file storage and encryption.
Obviously, that's the ideal course of action but I'd reckon that in practice those who would have both a good understanding of the code as well as the intricacies/strengths of encryption algorithms and who also have need to send encrypted messages is vanishing small—except perhaps for some well-known government agencies.
1 reply →
> I don’t care for encryption or need it
> encrypts a pdf sent to tech illiterate family members
From where did you get both 'care' and 'illiterate' — words that I never used?
Not only have you misquoted me, but also you've attempted to distort what I actually said by changing its inference.
E2EE means only your intended recipients can access the plaintext. Unless you intend to give the government access to your plaintext, what you described isn’t E2EE.
Is that google's definition or your definition? not being rude, but its pretty easy to get tricky about this.
Since you are sending the data to google, isn't google an intended recipient? Google has to comply with a variety of laws, and it is likely that they are doing the best they can under the legal constraints. The law just doesn't allow systems like this.
If Google is employing this “one simple trick”, they will get sued into the ground for securities fraud and false advertising.
9 replies →
What's the intended recipient of your message? It's not Google, right?
You're discussing encryption in transit vs encryption at rest in this thread.
1 reply →
> E2EE means only your intended recipients can access the plaintext.
No, it does not. It means that only endpoints - not intermediaries - handle plaintext. It says nothing about who those endpoints are or who the software is working for.
Key escrow and E2EE are fully compatible.
No, it is not. This is precisely why we have the term E2EE. An escrow agent having your keys but pinky promising not to touch them is indistinguishable from the escrow agent simply having your plaintext.
Unless you’re fine with the escrow agent and anybody they’re willing to share the keys with being a member of your group chat, in which case my original point still stands.
5 replies →
> Key escrow and E2EE are fully compatible.
Wild to see someone on HN even entertain this idea.
6 replies →
Manufacturers have lied about E2EE since the beginning. Some claim that having the key doesn't change that it's e2ee. Others claim that using https = e2ee, because it's encrypted from one end to the other, you see? (A recent example is Anker Eufy)
The point is that the dictionary definition of E2EE really doesn't matter. Being pedantic about it doesn't help. The only thing that matters is that the vendor describes what they call E2EE.
Yes, but going by that, most messaging services advertised as "E2EE" are already not E2EE by default. You trust them to give you the correct public keys for peer users, unless you verify your peers in-person. Some like iMessage didn't even have that feature until recently.
Google intends you and the government as recipients of data here.
Sure is - three ends - you, the intended recipient, and the government.
I expect this is what they are all doing tbh, although isnt google open source? should be checkable, if the binaries the distribute match the source... oh...
"a special key" afaik is where instead of using 2 large primes for a public key, it uses 1 large prime and the other is a factor of 2 biggish primes, where 1 of the biggish is known, knowing one of the factors lets you factor any public key with a not insignificant but still more compute than most people have access to.
UK has also invested in some serious compute that would appear dedicated to exactly this task.
basically if you dont have full control over the key generation mechansim and enc/dec mechansim it is relatively trivial for states to backdoor anything they want.
Would that still count as E2E-encrypted if another party has access? That would still count as lying to me.
To call it lying is just arguing about the meanings of words. This is literally what lawyers are paid to do. The data payload can be called end to end encrypted. You can easily say to the user that "your emails are encrypted from end to end, they are encrypted before it leaves your computer and decrypted on the receivers computer" without talking about how your key server works.
Systems that incorporate a method to allow unlocking using multiple keys don't usually advertise the fact that this is happening. People may even be legally obligated to not tell you.
Well Wikipedia says this about E2E:
“End-to-end encryption (E2EE) is a method of implementing a secure communication system where only communicating users can participate. No one else, including the system provider, telecom providers, Internet providers or malicious actors, can access the cryptographic keys needed to read or send messages.”
So if you send another set of keys to someone else, it’s obviously not E2E.
2 replies →
> To call it lying is just arguing about the meanings of words.
Or, as us lowly laypeople call it, lying.
TIL man in the middle = e2e encryption.
3 replies →
That depends on the definition of "end".
To say nothing of the definition of "definition", or at least a common understanding.
https://m.youtube.com/watch?v=gRelVFm7iJE
1 reply →