undefined | Better HN

0 pointsniij8y ago0 comments

>And if all devices (including possible server-kept archive private key derivation passphrase) are lost, then message history is gone.

If a server can decrypt your messages, then it's not really E2E anymore, is it?

0 comments

drdaeman8y ago

I believe E2E means that data is encrypted and decrypted on endpoints and nothing else. It doesn't imply how the keys are produced or who else knows the keys.

But I was thinking about a scheme, where the key is encrypted with a passphrase (that user's ought to remember) and kept on server. You fetch the blob, decrypt it (server can't), get the key and thus are able to decrypt the existing data (message archive).

This lowers security, but adds a significant convenience of being able to recover history if the only device is broken or lost. Which may be important for casual users.

j / k navigate · click thread line to collapse

0 pointsniij8y ago0 comments

>And if all devices (including possible server-kept archive private key derivation passphrase) are lost, then message history is gone.

If a server can decrypt your messages, then it's not really E2E anymore, is it?

0 comments

drdaeman8y ago

I believe E2E means that data is encrypted and decrypted on endpoints and nothing else. It doesn't imply how the keys are produced or who else knows the keys.

This lowers security, but adds a significant convenience of being able to recover history if the only device is broken or lost. Which may be important for casual users.

j / k navigate · click thread line to collapse