What is end-to-end encryption and how does it work?

105 points by davesailer, almost 3 years ago

10 comments

chrismorgan, almost 3 years ago
> *E2EE eliminates this possibility because the service provider does not actually possess the decryption key.*

When you’re talking about *first-party* end-to-end encryption (that is, where the pipe and software are provided by the same entity), this is snake oil, pure and simple, *especially* in the presence of automatic updates, which is uncontrollably the state of affairs on the web. The service provider only doesn’t possess the decryption key as long as they don’t *want* to possess it. They can maliciously insert a backdoor into the software in order to obtain the decryption key (whether by a rogue employee, or the company as a whole deciding to do the wrong thing, or legal compulsion). And that’s even ignoring the possibility of interception by software *distributors*, which I *think* both Apple and Google can do for their mobile platforms (but I’m not certain; it used not to be possible on Android, but they shifted to resigning stuff a couple of years ago).

In the context of this article, it’s severely misleading, and although I can’t *quite* justify calling it a lie (though it was a close call), I am content to declare it a dishonest argument made either in bad faith or incompetently, both of which are very bad things.

First-party end-to-end encryption is broken by design. Yes, it protects you against some threats, though generally at a significant cost to functionality, but it offers almost no protection against one of the most important sorts of attacks. To not even *mention* that rather massive weakness when you must certainly know of it is malfeasance.

If this were a one-off, I could bear it. But ProtonMail keeps on spouting this sort of misinformation despite it being pointed out, and indeed trades on it. I am displeased with ProtonMail.

(Disclosure: I worked for Fastmail for a few years. I don’t believe that has influenced my position on this matter at all, save that it may have better informed me about all the factors involved in the email space. But my remarks here are true of anything that trades in end-to-end encryption, not just the email space.)

s_dev, almost 3 years ago
https://techcrunch.com/2021/09/06/protonmail-logged-ip-address-of-french-activist-after-order-by-swiss-authorities/

The controversy here is that Protonmail announced they didn't do something, log IPs for example and then when compelled by law enforcement-- somehow had a log of IPs. I use Protonmail but there is no way for me to ensure they are E2E just like there is no way to ensure they don't log IPs. This is why faith and trust are so important. "Real security" people don't need faith just Math but for the rest of us we need an off the shelf solution that's good enough.

0daystock, almost 3 years ago
E2E encryption only matters when the cryptosystem is reputable, open and has withstood the test of time and scrutiny.

E2E encryption only matters when the identity provider is trustworthy, unlike most services which manage the PKI on users' behalf.

And most importantly, E2E encryption only matters when both sides apprehend the strengths and limitations of it, and practice appropriate opsec.

After reading this article, I'm not sure how Proton delivers on any of these requirements. It seems to infantilize a complicated infosec topic to comfort laypersons using their service instead, not unlike most of their marketing material I've seen.

Xeoncross, almost 3 years ago
Sadly, at this point just not scanning my inbound purchase and travel emails is a big enough win.

Encryption in proton mail was never the selling point since everyone I talk to is on google anyway.

VikingCoder, almost 3 years ago
If I were a journalist in a dangerous place...

I'd want to buy an AA-battery powered (or just solar powered?) touch screen device that has a USB port that you can physically BREAK OFF after you've uploaded either a pub/private key chain, or just a huge ass one-time-pad.

In my mind, it has a touch screen and a camera with a physical cover you can slide over it. No other ports or antennas or connectivity at all. To send an encrypted message, it flashes a series of QR codes to your smartphone. To receive an encrypted message, you show it a series of QR codes from your smartphone.

Your smartphone or computer sends encrypted messages, but it doesn't actually do the encryption or decryption.

JGailor, almost 3 years ago
The problem with these articles is that they never go into exactly what parts of the message and metadata are actually encrypted. It can't all be encrypted (or at least I'm not aware of how that would work in practice), so it would be useful to know that, for instance, while the message is encrypted, the sender and receiver metadata is not, which certainly wouldn't make information about who is communicating with who private.
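
An added illustration of the metadata point in the comment above (not part of the thread and not Proton's code): it parses a standard PGP/MIME message (RFC 3156) the way a relaying or storing server could, and reports what stays readable without any private key. The message, addresses and armor body are constructed samples, and `server_view` is a name chosen for this example.

```python
from email import message_from_string
from email.utils import getaddresses, parseaddr

# Constructed sample: an RFC 3156 message as it appears on the wire / at rest.
RAW = """\
From: alice@example.org
To: bob@example.net
Subject: Meeting on Friday
Date: Mon, 30 May 2022 10:00:00 +0000
MIME-Version: 1.0
Content-Type: multipart/encrypted; protocol="application/pgp-encrypted"; boundary="b1"

--b1
Content-Type: application/pgp-encrypted

Version: 1

--b1
Content-Type: application/octet-stream

-----BEGIN PGP MESSAGE-----

(constructed placeholder, not real ciphertext)
-----END PGP MESSAGE-----

--b1--
"""

def server_view(raw):
    """Return what a server can learn from the message without decrypting it."""
    msg = message_from_string(raw)
    encrypted = (msg.get_content_type() == "multipart/encrypted"
                 and msg.get_param("protocol") == "application/pgp-encrypted")
    ciphertext = ""
    if encrypted:
        for part in msg.walk():
            # The second MIME part carries the OpenPGP data; it is opaque here.
            if part.get_content_type() == "application/octet-stream":
                ciphertext = part.get_payload()
    rcpts = getaddresses(msg.get_all("To", []) + msg.get_all("Cc", []))
    return {
        "body_encrypted": encrypted,
        "sender": parseaddr(msg.get("From", ""))[1],   # cleartext header
        "recipients": [addr for _, addr in rcpts],     # cleartext header
        "subject": msg.get("Subject"),                 # cleartext in plain PGP/MIME
        "date": msg.get("Date"),                       # cleartext header
        "ciphertext_chars": len(ciphertext),           # size still leaks
    }
```
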

throwaway2016a, almost 3 years ago
I'm surprised to see this on Hacker News as I kind of expect that the HN crowd is more knowledgeable than the general audience and this article is a little shallow.

I for instance know E2EE pretty well but I'm not too familiar with how it is done with mail. Notably, the article kind of skips over how Bob got Alice's public key in the first place. How does Proton handle this part?

I would like to see something a little deeper here.

eating555, almost 3 years ago
By seeing so many drawbacks on ProtonMail, are there any other good alternatives? Gmail definitely is not one.

nerdyadventurer, almost 3 years ago
Does anyone know any open source libraries to implement E2EE in chat apps (text, audio, video)?

ceva, almost 3 years ago
Well, when you hear e2e encryption you assume that the provider who offers the service is not acting as a man in the middle and collecting the data like proton. There were cases when they obeyed by law and court order to give info on their clients.. aka us.