Stories with Tag E2EE

• Briar: Peer to Peer Encrypted Messaging

  permalink

  Posted: 2025-03-14 14:36:23

  Verbose tl;dr

  Briar is a messaging app designed for high-security and censored environments. It uses peer-to-peer encryption, meaning messages are exchanged directly between devices rather than through a central server. This decentralized approach eliminates single points of failure and surveillance. Briar can connect directly via Bluetooth or Wi-Fi in proximity, or through the Tor network for more distant contacts, further enhancing privacy. Users add contacts by scanning a QR code or sharing a link. While Briar prioritizes security, it also supports blogs and forums, fostering community building in challenging situations.

  Briar is a messaging app designed with a strong focus on security, privacy, and availability, especially in challenging environments where internet access is unreliable or censored. It achieves this by employing a peer-to-peer architecture, eschewing centralized servers that can be targeted for surveillance or shutdown. Instead of relying on a single server to relay messages, Briar leverages a distributed network formed by the users themselves. Each user's device acts as a node in this network, forwarding messages towards their intended recipients.

  This peer-to-peer system enhances privacy in several key ways. Firstly, it eliminates the central point of vulnerability presented by a traditional server. There's no single entity that can be compelled to hand over data or manipulate communication. Secondly, messages are end-to-end encrypted, meaning they are scrambled at the sender's device and only decrypted at the recipient's device. This prevents eavesdropping, even by other nodes in the Briar network that may be relaying the message. Briar uses well-established cryptographic protocols to ensure the integrity and confidentiality of these messages.

  To establish connections within the network, Briar offers multiple options. Users can add contacts directly by scanning each other's QR codes or by exchanging contact information via Bluetooth. Alternatively, if two users have mutual connections already within the Briar network, those shared connections can serve as a bridge, enabling indirect contact addition. This approach allows users to connect even if they are not physically proximate or able to directly exchange information.

  Briar also facilitates the creation of forums, which are essentially group chats designed for secure and private discussions. Like direct messages, forums are decentralized and rely on the peer-to-peer network for message dissemination. This avoids the potential vulnerabilities of centralized forum servers.

  In situations where internet connectivity is unavailable, Briar can still function by utilizing Bluetooth or Wi-Fi networks. Devices within Bluetooth range can communicate directly, while devices on the same local Wi-Fi network can also exchange messages, effectively creating a localized mesh network independent of the wider internet. This offline functionality is particularly crucial in areas experiencing internet shutdowns or natural disasters, ensuring lines of communication can remain open.

  Furthermore, Briar is designed with security in mind, aiming to resist surveillance and censorship efforts. The peer-to-peer architecture and end-to-end encryption make it difficult for third parties to intercept or monitor communications. The decentralized nature of the network also makes it resilient against takedown attempts, as there is no single server to target. Briar is open-source software, allowing for independent auditing and verification of its security features. This transparency contributes to trust and ensures the community can scrutinize the code for potential vulnerabilities.

  • peer-to-peer
  • p2p
  • Encrypted Messaging
  • Secure Messaging
  • privacy
  • Security
  • off-the-grid
  • censorship resistance
  • Briar
  • Briar Project
  • messaging app
  • Mobile App
  • Android
  • End-to-End Encryption
  • E2EE
  • Decentralized
  • internet freedom

  Summary of Comments ( 131 )
  https://news.ycombinator.com/item?id=43363031

  Verbose tl;dr

  Hacker News users discussed Briar's reliance on Tor for peer discovery, expressing concerns about its speed and reliability. Some questioned the practicality of Bluetooth and Wi-Fi mesh networking as a fallback, doubting its range and usability. Others were interested in the technical details of Briar's implementation, particularly its use of SQLite and the lack of end-to-end encryption for blog posts. The closed-source nature of the Android app was also raised as a potential issue, despite the project being open source overall. Several commenters compared Briar to other secure messaging apps like Signal and Session, highlighting trade-offs between usability and security. Finally, there was some discussion of the project's funding and its potential use cases in high-risk environments.

  The Hacker News post titled "Briar: Peer to Peer Encrypted Messaging" linking to Briar Project's "how it works" page generated a moderate amount of discussion, with several commenters expressing interest in the project and its technical aspects.

  A recurring theme is Briar's unique approach to peer-to-peer communication, which avoids relying on central servers. Several comments delve into the specifics of this, comparing it to other messaging apps like Signal and Session. One commenter points out that Briar "uses Bluetooth and wifi-direct for local communication" when internet connectivity is unavailable, distinguishing it from apps that rely solely on internet access. Another commenter elaborates on this, explaining how this feature enables communication in "challenging network environments" like protests or areas with internet censorship.

  The discussion also touches on the trade-offs of this decentralized approach. A commenter highlights the "higher barrier to entry" due to the need for direct connections or a trusted contact already on the network, contrasting it with the ease of joining centralized platforms. Another acknowledges the potential difficulty in discovering and adding contacts.

  Security and privacy are also prominent in the discussion. Commenters discuss the encryption methods employed by Briar and its resistance to surveillance. One commenter inquires about metadata leaks, specifically regarding "Bluetooth broadcast device names," raising concerns about potential identification even with encrypted messages.

  Furthermore, the conversation drifts towards the practical usability of Briar. Commenters discuss its interface and user experience, with some expressing a desire for a more polished design. The limited platform support (Android only at the time of the comments) is also mentioned. A commenter expresses interest in iOS and desktop support, indicating a demand for broader accessibility.

  Finally, some comments provide additional context, mentioning related projects like Ricochet Refresh and the challenges of building truly decentralized and secure communication systems. One commenter mentions the historical precedent of "sneakernet" as a precursor to Briar's approach.

  In summary, the comments section demonstrates a significant interest in Briar's decentralized approach to secure messaging, while also acknowledging the practical challenges and trade-offs involved. The discussion focuses heavily on the technical aspects, comparing Briar to existing solutions and exploring its potential use cases in situations where traditional communication channels are unavailable or compromised.

• Delta Chat – Email Based PGP Encrypted Chat

  permalink

  Posted: 2025-03-05 03:50:21

  Verbose tl;dr

  Delta Chat is a free and open-source messaging app that leverages existing email infrastructure for communication. Instead of relying on centralized servers, messages are sent and received as encrypted emails, ensuring end-to-end encryption through automatic PGP key management. This means users can communicate securely using their existing email addresses and providers, without needing to create new accounts or convince contacts to join a specific platform. Delta Chat offers a familiar chat interface with features like group chats, file sharing, and voice messages, all while maintaining the decentralized and private nature of email communication. Essentially, it transforms email into a modern messaging experience without compromising user control or security.

  Delta Chat presents itself as a novel approach to secure messaging by leveraging the existing, globally ubiquitous infrastructure of email. Instead of relying on centralized servers and proprietary protocols, Delta Chat functions as an email client with an integrated end-to-end encryption layer powered by Autocrypt, an open standard for PGP key management. This allows users to communicate securely with anyone who has an email address, regardless of whether they are also using Delta Chat. If the recipient is also a Delta Chat user, the experience resembles a traditional instant messaging application, offering features like read receipts, typing indicators, and group chats. However, even if the recipient is using a standard email client, the message content remains encrypted, ensuring confidentiality.

  The key advantage of this approach is its decentralized nature. There is no single point of control or failure. Messages are simply emails, transmitted and stored within the existing email infrastructure. This eliminates the need for users to create new accounts or convince their contacts to join a specific platform. Delta Chat merely adds a layer of encryption and a streamlined user interface to pre-existing email accounts. It aims to simplify secure communication by removing the technical hurdles often associated with PGP, such as key exchange and management. Autocrypt handles this transparently in the background, automating the encryption and decryption process.

  Furthermore, Delta Chat promotes interoperability and user autonomy. Users retain full control over their data, as their messages reside within their chosen email provider. The application is open-source and available across various platforms, including desktop, mobile, and web. The project emphasizes simplicity and ease of use, striving to make secure messaging accessible to a wider audience without requiring specialized technical knowledge. By leveraging the familiarity and ubiquity of email, Delta Chat aims to offer a practical and secure alternative to centralized messaging platforms. It combines the benefits of established email infrastructure with the security of end-to-end encryption, presented in a user-friendly interface.

  • Delta Chat
  • Email
  • PGP
  • Encryption
  • Encrypted Chat
  • Secure Messaging
  • Messaging
  • privacy
  • Open Source
  • Decentralized
  • instant messaging
  • Chat App
  • End-to-End Encryption
  • E2EE
  • Autocrypt

  Summary of Comments ( 56 )
  https://news.ycombinator.com/item?id=43262510

  Verbose tl;dr

  Hacker News commenters generally expressed interest in Delta Chat's approach to secure messaging by leveraging existing email infrastructure. Some praised its simplicity and ease of use, particularly for non-technical users, highlighting the lack of needing to manage separate accounts or convince contacts to join a new platform. Several users discussed potential downsides, including metadata leakage inherent in the email protocol and the potential for spam. The reliance on Autocrypt for key exchange was also a point of discussion, with some expressing concerns about its discoverability and broader adoption. A few commenters mentioned alternative projects with similar aims, like Briar and Status. Overall, the sentiment leaned towards cautious optimism, acknowledging Delta Chat's unique advantages while recognizing the challenges of building a secure messaging system on top of email.

  The Hacker News post titled "Delta Chat – Email Based PGP Encrypted Chat" generated several interesting comments, focusing on the practicality, security, and adoption challenges of using email as a platform for encrypted messaging.

  Several commenters appreciated Delta Chat's approach of leveraging existing email infrastructure for encrypted communication. They highlighted the advantage of not requiring users to create new accounts or convince their contacts to join a new platform. The decentralized nature of email was seen as a plus, avoiding reliance on centralized servers controlled by specific entities. One commenter even praised the ability to self-host the email server for enhanced privacy.

  However, the metadata leakage inherent in email communication was a recurring concern. Commenters pointed out that while message content is encrypted, information like sender, recipient, and timestamp remains visible. Some discussed the possibility of using anonymous email services or mixing techniques to mitigate this issue, but acknowledged the added complexity and limitations.

  The usability of PGP encryption was also a topic of discussion. Some commenters expressed concern about the technical hurdles involved in setting up and managing PGP keys, which could hinder widespread adoption. The comment section mentioned Autocrypt as a simpler alternative for key management within Delta Chat, potentially addressing this challenge.

  Another thread of conversation revolved around the practical limitations of using email for real-time chat. Commenters acknowledged the asynchronous nature of email and questioned its suitability for instant messaging. However, proponents argued that Delta Chat's push notification functionality mitigates this issue to some extent, making it viable for less time-sensitive communication.

  The discussion also touched upon the social aspects of using email for chat. Some users pointed out the potential confusion for recipients unfamiliar with Delta Chat, who might receive unexpected encrypted messages in their inbox. Educating contacts about the system and its functionality was seen as a crucial step for successful adoption.

  Finally, several comments compared Delta Chat to other secure messaging apps like Signal and WhatsApp. While acknowledging the strengths of these established platforms, proponents of Delta Chat emphasized its unique advantages in terms of decentralization, leveraging existing infrastructure, and avoiding reliance on specific companies.

  Overall, the comments on Hacker News reflect a mix of enthusiasm and skepticism towards Delta Chat. While many appreciate its innovative approach and potential benefits, concerns remain regarding metadata leakage, usability, and the practical challenges of adapting email for chat. The discussion highlights the ongoing search for a secure and user-friendly messaging solution that balances privacy with practicality.

• Reviewing the Cryptography Used by Signal

  permalink

  Posted: 2025-02-18 12:35:34

  Verbose tl;dr

  Signal's cryptography is generally well-regarded, using established and vetted protocols like X3DH and Double Ratchet for secure messaging. The blog post author reviewed Signal's implementation and found it largely sound, praising the clarity of the documentation and the overall design. While some minor theoretical improvements were suggested, like using a more modern key derivation function (HKDF over SHA-256) and potentially exploring post-quantum cryptography for future-proofing, the author concludes that Signal's current cryptographic choices are robust and secure, offering strong confidentiality and integrity protections for users.

  This blog post by Soatok, titled "Reviewing the Cryptography Used by Signal," provides an in-depth examination of the cryptographic choices and implementations within the Signal messaging protocol, focusing on both its strengths and potential areas for improvement. The author prefaces their analysis by acknowledging Signal's strong reputation for security and privacy, emphasizing that their goal is not to condemn Signal, but rather to offer constructive criticism and promote a broader understanding of cryptographic design principles.

  The review begins with a dissection of Signal's "Double Ratchet" algorithm, which combines a Diffie-Hellman (DH) ratchet with a symmetric-key ratchet to provide forward secrecy and post-compromise security. Soatok explains how this mechanism ensures that the compromise of a single device's keys doesn't compromise past or future message exchanges. The author also details how the X3DH key agreement protocol is employed for initial key exchange, ensuring secure communication even when users are offline.

  A significant portion of the post delves into the nuances of Signal's use of the Extended Triple Diffie-Hellman (X3DH) key agreement protocol, praising its robust security properties. The author meticulously describes how X3DH establishes shared secrets between users, utilizing both long-term identity keys and ephemeral prekeys to provide a balance between security and efficiency. The discussion extends to the management of these prekeys and the implications for message delivery when devices are offline.

  Further, Soatok discusses Signal's implementation of the Double Ratchet algorithm and its integration with the X3DH protocol. They explain how these mechanisms work in concert to provide end-to-end encryption and forward secrecy, protecting messages from eavesdropping and ensuring that past messages remain confidential even if a device is compromised. The author also touches upon the concept of "future secrecy," which is partially achieved by the Double Ratchet but acknowledges the limitations in preventing access to future messages if a device is currently compromised.

  Beyond the core cryptographic protocols, the post examines Signal's choice of cryptographic primitives, specifically the use of the XEdDSA and VXEdDSA signature schemes. The author explains the benefits of these schemes in terms of security and efficiency, and notes the distinction between XEdDSA, used for signing prekeys, and VXEdDSA, used in the Double Ratchet. They also highlight Signal's transition to more modern cryptographic primitives, illustrating their commitment to staying up-to-date with best practices.

  While largely positive about Signal's cryptographic design, Soatok does raise some minor concerns. These include the potential complexity of implementing the Double Ratchet correctly and the need for careful consideration of key management practices. The author also suggests potential areas for future improvement, such as incorporating post-quantum cryptography to prepare for future advancements in computing.

  Concluding the review, the author reiterates their respect for Signal's security efforts and emphasizes the importance of ongoing scrutiny and improvement in the field of cryptography. The post serves as a valuable resource for anyone seeking a deeper understanding of the cryptographic underpinnings of Signal and the broader principles of secure messaging.

  • Cryptography
  • signal
  • Security
  • Messaging
  • privacy
  • Review
  • End-to-End Encryption
  • E2EE
  • Signal Protocol
  • Double Ratchet
  • X3DH
  • Key Agreement
  • Messaging Security
  • secure communication

  Summary of Comments ( 132 )
  https://news.ycombinator.com/item?id=43088785

  Verbose tl;dr

  Hacker News users discussed the Signal cryptography review, mostly agreeing with the author's points. Several highlighted the importance of Signal's Double Ratchet algorithm and the trade-offs involved in achieving strong security while maintaining usability. Some questioned the practicality of certain theoretical attacks, emphasizing the difficulty of exploiting them in the real world. Others discussed the value of formal verification efforts and the overall robustness of Signal's protocol design despite minor potential vulnerabilities. The conversation also touched upon the importance of accessible security audits and the challenges of maintaining privacy in messaging apps.

  The Hacker News post titled "Reviewing the Cryptography Used by Signal" (linking to soatok.blog/2025/02/18/reviewing-the-cryptography-used-by-signal) generated a moderate discussion with a handful of comments focusing on specific aspects of Signal's cryptography and its review.

  Several commenters highlight the rigor and trustworthiness of Signal's cryptographic choices. One notes that Signal's use of the Double Ratchet Algorithm provides strong forward secrecy and resilience against compromise. They emphasize the importance of this feature in protecting past messages even if a current key is compromised. Another commenter concurs, pointing out Signal's proactive approach to security and its history of public audits, which contributes significantly to trust in their implementation.

  Some discussion revolves around the nuances of cryptographic implementations. One commenter mentions the subtle complexities involved in securely implementing the Double Ratchet, and how even minor deviations or errors can potentially introduce vulnerabilities. This highlights the importance of careful review and scrutiny even for well-established cryptographic primitives. Another thread focuses on the X3DH key agreement protocol, discussing its role in establishing secure communication channels and its resistance to certain types of attacks.

  One commenter expresses skepticism, questioning the necessity of such a detailed review given Signal's established reputation and existing audit history. They argue that the effort might be better spent elsewhere, perhaps on less scrutinized projects. This prompts a counter-argument that ongoing reviews are essential, especially in a constantly evolving threat landscape, and that even widely trusted systems benefit from periodic reassessment.

  The conversation also touches upon the broader importance of secure messaging and the role of Signal in that ecosystem. One commenter expresses appreciation for Signal's commitment to open-source development and transparent security practices, contrasting it with closed-source alternatives where independent verification is difficult or impossible.

  Overall, the comments on Hacker News generally reflect a positive view of Signal's cryptography, acknowledging its strengths and robustness while also highlighting the ongoing need for review and scrutiny in the field of security. The discussion avoids deeply technical jargon, making it accessible to a broader audience while still touching on key cryptographic concepts.

• Let's talk about AI and end-to-end encryption

  permalink

  Posted: 2025-01-17 05:50:25

  Verbose tl;dr

  The blog post "Let's talk about AI and end-to-end encryption" explores the perceived conflict between the benefits of end-to-end encryption (E2EE) and the potential of AI. While some argue that E2EE hinders AI's ability to analyze data for valuable insights or detect harmful content, the author contends this is a false dichotomy. They highlight that AI can still operate on encrypted data using techniques like homomorphic encryption, federated learning, and secure multi-party computation, albeit with performance trade-offs. The core argument is that preserving E2EE is crucial for privacy and security, and perceived limitations in AI functionality shouldn't compromise this fundamental protection. Instead of weakening encryption, the focus should be on developing privacy-preserving AI techniques that work with E2EE, ensuring both security and the responsible advancement of AI.

  The blog post "Let's talk about AI and end-to-end encryption" by Matthew Green on cryptographyengineering.com delves into the complex relationship between artificial intelligence and end-to-end encryption (E2EE), exploring the perceived conflict between allowing AI access to user data for training and maintaining the privacy guarantees provided by E2EE. The author begins by acknowledging the increasing calls to allow AI models access to encrypted data, driven by the desire to leverage this data for training more powerful and capable AI systems. This desire stems from the inherent limitations of training AI on solely public data, which often results in less accurate and less useful models compared to those trained on a broader dataset, including private user data.

  Green meticulously dissects several proposed solutions to this dilemma, outlining their technical intricacies and inherent limitations. He starts by examining the concept of training AI models directly on encrypted data, a technically challenging feat that, while theoretically possible in limited contexts, remains largely impractical and computationally expensive for the scale required by modern AI development. He elaborates on the nuances of homomorphic encryption and secure multi-party computation, explaining why these techniques, while promising, are not currently viable solutions for practical, large-scale AI training on encrypted datasets.

  The post then transitions into discussing proposals involving client-side scanning, often framed as a means to detect illegal content, such as child sexual abuse material (CSAM). Green details how these proposals, while potentially well-intentioned, fundamentally undermine the core principles of end-to-end encryption, effectively creating backdoors that could be exploited by malicious actors or governments. He meticulously outlines the technical mechanisms by which client-side scanning operates, highlighting the potential for false positives, abuse, and the erosion of trust in secure communication systems. He emphasizes that introducing any form of client-side scanning necessitates a shift away from true end-to-end encryption, transforming it into something closer to client-to-server encryption with client-side pre-decryption scanning, thereby compromising the very essence of E2EE's privacy guarantees.

  Furthermore, Green underscores the slippery slope argument, cautioning against the potential for expanding the scope of such scanning beyond CSAM to encompass other types of content deemed undesirable by governing bodies. This expansion, he argues, could lead to censorship and surveillance, significantly impacting freedom of expression and privacy. The author concludes by reiterating the importance of preserving end-to-end encryption as a crucial tool for protecting privacy and security in the digital age. He emphasizes that the perceived tension between AI advancement and E2EE necessitates careful consideration and a nuanced approach that prioritizes user privacy and security without stifling innovation. He suggests that focusing on alternative approaches, such as federated learning and differential privacy, may offer more promising avenues for developing robust AI models without compromising the integrity of end-to-end encrypted communication.

  • AI
  • artificial intelligence
  • End-to-End Encryption
  • E2EE
  • Cryptography
  • Security
  • privacy
  • Data Protection
  • Technology
  • blog
  • Online Communication
  • Messaging
  • Data Security
  • Encryption Algorithms
  • AI Safety
  • AI Ethics

  Summary of Comments ( 98 )
  https://news.ycombinator.com/item?id=42734478

  Verbose tl;dr

  Hacker News users discussed the feasibility and implications of client-side scanning for CSAM in end-to-end encrypted systems. Some commenters expressed skepticism about the technical challenges and potential for false positives, highlighting the difficulty of distinguishing between illegal content and legitimate material like educational resources or artwork. Others debated the privacy implications and potential for abuse by governments or malicious actors. The "slippery slope" argument was raised, with concerns that seemingly narrow use cases for client-side scanning could expand to encompass other types of content. The discussion also touched on the limitations of hashing as a detection method and the possibility of adversarial attacks designed to circumvent these systems. Several commenters expressed strong opposition to client-side scanning, arguing that it fundamentally undermines the purpose of end-to-end encryption.

  The Hacker News post "Let's talk about AI and end-to-end encryption" has generated a robust discussion with several compelling comments. Many commenters grapple with the inherent tension between the benefits of AI-powered features and the preservation of end-to-end encryption (E2EE).

  One recurring theme is the practicality and potential misuse of client-side scanning. Some commenters express skepticism about the feasibility of truly secure client-side scanning, arguing that any client-side processing inherently weakens E2EE and creates vulnerabilities for malicious actors or governments to exploit. They also voice concerns about the potential for function creep, where systems designed for specific purposes (like detecting CSAM) could be expanded to encompass broader surveillance. The chilling effect on free speech and privacy is a significant concern.

  Several comments discuss the potential for alternative approaches, such as federated learning, where AI models are trained on decentralized data without compromising individual privacy. This is presented as a potential avenue for leveraging the benefits of AI without sacrificing E2EE. However, the technical challenges and potential limitations of federated learning in this context are also acknowledged.

  The "slippery slope" argument is prominent, with commenters expressing worry that any compromise to E2EE, even for seemingly noble purposes, sets a dangerous precedent. They argue that once the principle of E2EE is weakened, it becomes increasingly difficult to resist further encroachments on privacy.

  Some commenters take a more pragmatic stance, suggesting that the debate isn't necessarily about absolute E2EE versus no E2EE, but rather about finding a balance that allows for some beneficial AI features while mitigating the risks. They suggest exploring technical solutions that could potentially offer a degree of compromise, though skepticism about the feasibility of such solutions remains prevalent.

  The ethical implications of using AI to scan personal communications are also a significant point of discussion. Commenters raise concerns about false positives, the potential for bias in AI algorithms, and the lack of transparency and accountability in automated surveillance systems. The potential for abuse and the erosion of trust are recurring themes.

  Finally, several commenters express a strong defense of E2EE as a fundamental right, emphasizing its crucial role in protecting privacy and security in an increasingly digital world. They argue that any attempt to weaken E2EE, regardless of the intended purpose, represents a serious threat to individual liberties.