undefined | Better HN

0 pointsCivBase5y ago0 comments

I feel like "end-to-end encryption" is a mostly self-explanatory term. All data passed from one end to the other is encrypted.

The point of encryption is to ensure that third parties cannot read your data. If a third party has the power to decrypt and read the data, then it's already misleading to advertise it as "encrypted". That would be like advertising a pair of boots as "waterproof" when they only actually prevent water from entering via the soles.

If the data is encrypted by one end, decrypted by a third party, and received at the other end unencrypted, then the encryption is not "end-to-end". I'm not sure how you could possibly interpret that part any other way.

0 comments

rjmunro5y ago

But that's not the question here. That's only talking about when there is a connector involved. For a zoom-zoom only chat, if my encryption works by:

* I generate a key * I give it to you and another party * You and the other party then chat through my service * I pass the messages between you but don't bother to decrypt them

Does that count as end-to-end encryption? At any time, I could decide to decrypt the message (even months later if it is logged).

j / k navigate · click thread line to collapse