All Questions
Tagged with end-to-end-encryption encryption
44 questions
3
votes
1
answer
569
views
Browser- side caching of encrypted sensitive informations in sessionStorage?
We are currently implementing envelope encryption to securely encrypt sensitive data(name, emails, phone numbers, photo, previous employers etc.) about our users. However, we are now thinking about to ...
- 347
1
vote
0
answers
176
views
Encryption of calls and files in XMPP
I use Conversations, and my interlocutor is Monal (or another application for iOS (you can tell which is better)).
I plan to use OMEMO for encryption. Are files and photos encrypted or not?
Are calls ...
- 11
0
votes
0
answers
238
views
Where to store user private keys in a webapp? [duplicate]
I'm building a webapp where I want to encrypt user data. I've done A LOT of research about this.
The main issue is that I want only users to be able to access their data. After reading countless ...
- 111
0
votes
0
answers
136
views
Backup to a remote Encrypted APFS drive mounted through Samba. Is this a sound plan?
Say I have a remote machine (something like a VPS) that I have no physical access or physical authority over other than a user on it (with root access). However, I'd like to do Time Machine backups on ...
- 1,109
-1
votes
1
answer
406
views
Are the video calls made in a 3G/4G network encrypted end-to-end?
When I make a video call through a cellular GSM/4G network, is there any end-to-end encryption? If yes, what kind of algorithms and CPUs are used?
- 255
-1
votes
2
answers
634
views
Is end-to-end encryption really secure?
If a software uses end-to-end encryption and the encryption key of a client never leaves the device, isn't it still relatively "simple" to get the encryption keys of clients?
A hacker just ...
- 99
1
vote
2
answers
9k
views
Signal — Can message previews of the messages you send be disabled in the chats’ list of your addressee?
Premise
Signal is armed with measures to instil a sense of privacy in users by preventing undisclosed screenshotting and screencasting message threads, and by enabling the sender to set their text, ...
1
vote
2
answers
348
views
Is TLS encryption between sender and receiver without middlemans end to end encryption and TLS security
As in title, I want to know that is TLS encryption end-to-end encryption when between sender and receiver there's no any middleman? E.g.:
We are sure that TLS in case 2 doesn't provide end to end ...
- 381
2
votes
4
answers
1k
views
End-to-end encryption with multiple recipients?
As far as I understand, end-to-end encryption is used to encrypt the content on the client (sender), send it to the server and decrypt it on the client (recipient). The clients store their private ...
- 131
1
vote
1
answer
641
views
End To End Encryption Model
I have an architecture which requires a certain subset of data to be more heavily secured and encrypted. The main parameters which I believe meet the scope of the project are as follows:
Data should ...
- 113
26
votes
7
answers
8k
views
Is encryption in transit distinct from end-to-end encryption?
I asked a question about HTTPS encryption as it relates to developing a web app here. On the face of it that question has now been closed twice for not being focused enough, but if the meta discussion ...
- 979
2
votes
2
answers
560
views
How can I verify the hash of the plain text without being able to decrypt the cipher text?
I am building an E2EE chat app where there is one asymmetric key pair per group. Each user also has one asymmetric key pair. All messages in a group chat are encrypted with the group public key and ...
- 121
1
vote
1
answer
3k
views
Key management for End-to-end encryption for Chat application
I want to implement end-to-end encryption on my chat application (available on android, iOS and web). For that I've following mechanism in mind.
Generate Key pairs (Private key and Public key) on ...
- 111
0
votes
2
answers
859
views
Is end to end encryption over HTTP safe?
If you wrap all your data in an end-to-end encrypted payload is it safe to transmit over HTTP or at worse case self signed HTTPS instead of traditional CA signed SSL?
- 101
0
votes
2
answers
683
views
Need some clarification regards end-to-end encryption process
Let's say I want to make a messaging(just an example, take it as any data) web(react + node) application(more like an email rather than chat) with end-to-end encryption. So at some point, I will want ...
- 1
13
votes
4
answers
11k
views
How To Recover End-To-End Encrypted Data After Losing Private Key?
I'm creating a mobile app which has chat feature in it. Since I wanted to make it secure, I'll do some encryption to messages and the data. I'm thinking of using End-To-End encryption for it but I've ...
- 257
2
votes
1
answer
210
views
How to prevent mobile data from being viewed when leaving VPN server?
Please correct me if i'm wrong. As far as i know, when we use vpn service, our datas are only encrypted from us to vpn server. After leaving the server to intended recipient, our data is decrypted and ...
- 21
5
votes
1
answer
5k
views
What is the correct way to create a backup copy of a PGP key pair?
I am using GnuPG 2.2.20 to create my key pair.
I have successfully created a key pair, now I want to create a backup copy in case of HDD failure.
Following the instruction here, I have tried
gpg --...
- 529
0
votes
1
answer
298
views
How to encrypt data so only clients can read, but not the server
I am building a system where the clients should be able to communicate with each other.
However I want all the data to be hidden from the server where the information is stored in a database.
How can ...
- 1
2
votes
1
answer
190
views
What's the best encryption strategy to go with when everybody needs to be able to write data but only a select people can view it?
I really just need an encrypted support ticket system essentially. The user who writes the ticket doesn't need to be able to view it afterward but a handful of staff need to be able to decrypt the ...
- 121
3
votes
2
answers
2k
views
If Whatsapp media messages are e2e encrypted, what is the point of storing popular messages on the server?
There is something I don't understand about whatsapp's privacy policy.
Your Messages. We do not retain your messages in the ordinary course of providing our Services to you. Once your messages (...
- 227
1
vote
1
answer
1k
views
Is it worth using an http proxy?
Sorry for my lack of terminology in the field, that's something I've little (or none any) practical knowledge about.
I've browsed similar questions on the security risks of using (web) proxies, but ...
- 113
0
votes
1
answer
267
views
RestApi Libsodium SealedBox end-to-end request encryption scheme
I am making an API that uses the following steps for encryption. All of this is implemented using libsodium.
First of all the client has to make an initial request to the server for getting his public ...
0
votes
1
answer
261
views
Storing Bob encrypted data, and send them to Alice (who must be able to decrypt the content)
I need to develop a website where a user (Bob) send text, image, or video content to my website. After some time, I need to send this data to another user of his choice (Alice).
I want to encrypt user ...
- 101
31
votes
3
answers
11k
views
Can I use WhatsApp to securely send public key, symmetric key and private key?
I am asking this because WhatsApp says it is end-to-end encrypted.
Are there any problems with sending a public key through WhatsApp?
There might be some objections to sending symmetric and private ...
- 419
0
votes
1
answer
339
views
Is automatic E2E encryption possible for chat apps with a backend DB?
This question refers to automatic E2E encryption (i.e., the app creates and shares encryption keys, never the user).
Apps such as Discord and Hangouts store messages in a server-side DB thereby ...
- 103
0
votes
4
answers
2k
views
How Whatsapp shows link previews despite E2E encryption?
Someone sends me a link. Whatsapp shows its preview. How can they do that despite being E2E encrypted?
- 101
1
vote
2
answers
707
views
Encrypt Text Message as Image
Is this a good idea to make the following text message encryption:
accept text from the user 1
store the text into a document in the form of some handwritten font
convert the document into an image
...
- 109
0
votes
1
answer
249
views
Recovery possibilities with Zero knowledge encryption
I have some encryption understanding however I fail to get my head around following scenarios. I would like to know if they are possible with a zero knowledge encryption system.
What the system can or ...
- 73
2
votes
2
answers
1k
views
How to secure a web-only end to end encrypted chat with message persistence?
Currently, I'm trying to create a web-only end to end encrypted chat, with message persistency.
I did some readup on how to create an end to end encrypted chat in JS, I found out there are quite some ...
- 145
1
vote
0
answers
136
views
Meaning of unacknowledged pre key messages
I've recently tried to work with the Signal protocol, but the documentation isn't great. I've come across a problem where the messages being sent include the pre key because the client has ...
- 121
0
votes
1
answer
396
views
Can end-to-end encryption be securely implemented on a web application?
There are a lot of arguments around whether web applications can implement end to end encryption. Most of the arguments against javascript based solutions are centered around the fact that the the ...
- 3,951
-1
votes
1
answer
227
views
Is transport encryption useless, if end-to-end encryption is used? [closed]
Does it have any advantages to do transport-encryption for messages that are already end-to-end encrypted?
- 11
2
votes
1
answer
1k
views
How is end-to-end encrypted data stored in a database?
A traditional database holds the data in each column and then has a relational ID to tie that row to a parent (e.g. a user's ID) so it can be found in a query.
Taking the same scenario but this time ...
- 23
2
votes
3
answers
7k
views
Whatsapp web security
If I use WhatsApp Web on a computer at work that is connected through a proxy, is there a possibility that they will intercept my messages?
I know that, thanks to the proxy, they can see the pages ...
- 21
2
votes
1
answer
956
views
How to use Username/Password in Signal Protocol
I am trying to create a communication app from scratch (more like an html parsed messaging app) using the Signal protocol. While I do have lot to of programming experience, I am a crypto novice and ...
- 203
1
vote
1
answer
188
views
Local area network multi-device network communication protocol
I am planning to build a local area network that will have one Master device and multiple Slave devices. The communication should be able to handle only ON/OFF functionality of the devices (devices ...
- 113
2
votes
1
answer
699
views
Perfect forward secrecy in Instant Messaging with multiple devices
I have read multiple sites online about PFS and DH but I still have a few questions.
I understand that in order to have PFS you must use different keys to encrypt messages. So your IM client could be ...
- 21
1
vote
1
answer
156
views
Signing and encrypting with pairs of keys based on discrete algorithms
In case I've generated pair of keys (public and private) for RSA, I'm able to use it both for signing and encrypting. Is the same statement true also for pairs of keys based on discrete algorithms?
- 13
3
votes
1
answer
2k
views
Are emails from ProtonMail to Tutanota end-to-end encrypted?
So I know that sending emails from a ProtonMail Email to a ProtonMail email is end-to-end encrypted. And I know that sending emails from a Tutanota Email to a Tutanota email is end-to-end encrypted. I ...
- 165
1
vote
0
answers
233
views
HTTP body E2E encryption protocol
I have 2 servers that communicate each other in HTTP and they are both behind an API gateway.
Between the servers and their API gateways the communication is in HTTPS with mutual authentication using ...
- 121
1
vote
2
answers
770
views
How to handle end to end encryption [closed]
I am working on an app where the goal is to upload user data, store it, do some processing on that data and present it to user when asked.
We want to follow end to end encryption model where the ...
- 111
-1
votes
5
answers
515
views
Is encrypting data once enough? [closed]
If I encrypt my data and want to send it from point A to point B, is the end to end encryption is necessary?
Although it's dependent on a) the encryption method and b) my security policy but is one ...
- 1,627
41
votes
2
answers
27k
views
Which protocols exist for end-to-end encrypted group chat?
I am looking for existing protocols for a group chat with two things:
End to end encrypted. Just what you would expect: messages are only decipherable by the chat members and message tampering is ...
- 33.1k