undefined | Better HN

0 pointsslazaro8y ago0 comments

Is it technically impossible to have end to end encryption with full history, even synced? As long as you have the decryption key, you could have synced encrypted history, the best of both worlds, right?

0 comments

shalmanese8y ago

It's not technically impossible but it is tricky. Signal hasn't figured it out yet but a university research group has a fork of Signal that claims to support it in a privacy preserving way but it hasn't undergone a thorough security audit.

Double_a_928y ago

A good encryption doesn't let you decode old messages even if you know the key. That's to prevent "the enemy" from recording everything in the hope of getting the key someday.

samat8y ago

Consider you’ve lost all your devices and logged in to a service. It either can decipher your history or it can’t. And if it can (which is convinient) - why have a e2e in the first place?

drdaeman8y ago

Revoke the key, so the lost device won't be able to read the new messages. What the device already knows - it just can't be helped.

This is irrelevant to E2E or even PFS. Basically, it's about message archive security - either it's leaked (and no amount of encryption and authentication would help) or not.

E2E systems can sync message history - by mutually verifying device keys and then propagating data across such trusted links. I mean, if someone can send you a large file there is no reason one of your devices can't send a message to another your device, with a large encrypted blob of what it knows about the past. And if all devices (including possible server-kept archive private key derivation passphrase) are lost, then message history is gone.

niij8y ago

>And if all devices (including possible server-kept archive private key derivation passphrase) are lost, then message history is gone.

If a server can decrypt your messages, then it's not really E2E anymore, is it?

1 more reply

j / k navigate · click thread line to collapse