End-to-end encryption
=== Man-in-the-middle attacks ===
End-to-end encryption ensures that data is transferred securely between endpoints. But, rather than try to break the encryption, an eavesdropper may impersonate a message recipient (during [[key exchange]] or by substituting their [[public key cryptography|public key]] for the recipient's), so that messages are encrypted with a key known to the attacker. After decrypting the message, the snoop can then encrypt it with a key that they share with the actual recipient, or their public key in case of asymmetric systems, and send the message on again to avoid detection. This is known as a [[man-in-the-middle attack]] (MITM).<ref name="Wired Lexicon" /><ref name="Schneier">{{cite book|last1=Schneier|first1=Bruce|last2=Ferguson|first2=Niels|last3=Kohno|first3=Tadayoshi|title=Cryptography engineering : design principles and practical applications|url=https://archive.org/details/cryptographyengi00ferg|url-access=limited|date=2010|publisher=Wiley Pub., inc.|location=Indianapolis, IN|isbn=978-0470474242|page=[https://archive.org/details/cryptographyengi00ferg/page/n211 183]}}</ref>

==== Authentication ====
{{see also|Key Transparency}}
Most end-to-end encryption protocols include some form of endpoint [[Authentication cookie|authentication]] specifically to prevent MITM attacks. For example, one could rely on [[Certificate Authority Security Council|certification authorities]] or a [[web of trust]].<ref>{{cite web|title=What is man-in-the-middle attack (MitM)? – Definition from WhatIs.com|url=http://internetofthingsagenda.techtarget.com/definition/man-in-the-middle-attack-MitM|website=IoT Agenda|access-date=7 January 2016|language=en-US|url-status=live|archive-url=https://web.archive.org/web/20160105000628/http://internetofthingsagenda.techtarget.com/definition/man-in-the-middle-attack-MitM|archive-date=5 January 2016}}</ref> An alternative technique is to generate cryptographic hashes (fingerprints) based on the communicating users' public keys or shared secret keys. The parties compare their [[Public key fingerprint|fingerprints]] using an outside (out-of-band) communication channel that guarantees integrity and authenticity of communication (but not necessarily secrecy{{citation needed|date=June 2020}}), before starting their conversation. If the fingerprints match, there is, in theory, no man in the middle.<ref name="Wired Lexicon" />

When displayed for human inspection, fingerprints usually use some form of [[binary-to-text encoding]]{{citation needed|date=June 2020}}.<ref>{{cite journal|last=Dechand|first=Sergej|date=10–12 August 2016|title=An Empirical Study of Textual Key-Fingerprint Representations|url=https://www.usenix.org/system/files/conference/usenixsecurity16/sec16_paper_dechand.pdf|journal=The Advanced Computing System Association|pages=1–17}}</ref> These strings are then formatted into groups of characters for readability. Some clients instead display a [[natural language]] representation of the fingerprint.<ref name="pEp-whitepaper">{{cite web|url=https://pep.foundation/docs/pEp-whitepaper.pdf|title=pEp White Paper|publisher=pEp Foundation Council|date=18 July 2016|access-date=11 October 2016|url-status=live|archive-url=https://web.archive.org/web/20161001160110/https://pep.foundation/docs/pEp-whitepaper.pdf|archive-date=1 October 2016}}</ref> As the approach consists of a [[one-to-one mapping]] between fingerprint blocks and words, there is no loss in [[entropy]].
The protocol may choose to display words in the user's native (system) language.<ref name="pEp-whitepaper"/> This can, however, make cross-language comparisons prone to errors.<ref name="Marlinspike-2016-04-05"/> In order to improve [[Internationalization and localization|localization]], some protocols have chosen to display fingerprints as base 10 strings instead of more error-prone hexadecimal or natural language strings.<ref name="Budington-2016-04-07"/><ref name="Marlinspike-2016-04-05">{{cite web|last1=Marlinspike|first1=Moxie|title=WhatsApp's Signal Protocol integration is now complete|url=https://whispersystems.org/blog/whatsapp-complete/|publisher=Open Whisper Systems|access-date=11 October 2016|date=5 April 2016|url-status=live|archive-url=https://web.archive.org/web/20161010101243/https://whispersystems.org/blog/whatsapp-complete/|archive-date=10 October 2016}}</ref> An example of the base 10 fingerprint (called ''safety number'' in Signal and ''security code'' in WhatsApp) would be:

 37345 35585 86758 07668
 05805 48714 98975 19432
 47272 72741 60915 64451

Other applications such as Telegram, instead, encode fingerprints using emojis.

Modern messaging applications can also display fingerprints as [[QR code]]s that users can scan off each other's devices.<ref name="Budington-2016-04-07">{{cite web|last1=Budington|first1=Bill|title=WhatsApp Rolls Out End-To-End Encryption to its Over One Billion Users|url=https://www.eff.org/deeplinks/2016/04/whatsapp-rolls-out-end-end-encryption-its-1bn-users|website=Deeplinks Blog|publisher=Electronic Frontier Foundation|access-date=11 October 2016|date=7 April 2016|url-status=live|archive-url=https://web.archive.org/web/20160912010025/https://www.eff.org/deeplinks/2016/04/whatsapp-rolls-out-end-end-encryption-its-1bn-users|archive-date=12 September 2016}}</ref>
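The fingerprint comparison described above can be sketched as follows. This is an added example, not part of the article and not the algorithm of Signal, WhatsApp or any other messenger: the hash construction, the round count, the 30-byte truncation and all names and keys are assumptions chosen so that the output has the same shape as the twelve five-digit groups shown above.

```python
import hashlib

ROUNDS = 1000  # assumed work factor for this illustration only


def fingerprint(identity: bytes, public_key: bytes) -> bytes:
    """Iterated SHA-512 over identity and public key, truncated to 30 bytes."""
    digest = identity + public_key
    for _ in range(ROUNDS):
        digest = hashlib.sha512(digest + public_key).digest()
    return digest[:30]


def to_hex_groups(fp: bytes) -> str:
    """Binary-to-text encoding: hexadecimal in blocks of four characters."""
    text = fp.hex().upper()
    return " ".join(text[i:i + 4] for i in range(0, len(text), 4))


def to_decimal_groups(fp: bytes) -> str:
    """Base 10 display: each 5-byte chunk becomes 5 digits (chunk mod 100000).
    Unlike a one-to-one word mapping, this reduction discards entropy."""
    chunks = (fp[i:i + 5] for i in range(0, len(fp), 5))
    return " ".join(f"{int.from_bytes(c, 'big') % 100000:05d}" for c in chunks)


def safety_number(my_id: bytes, my_key: bytes,
                  peer_id: bytes, peer_key: bytes) -> str:
    """Join both halves in sorted order so both endpoints show the same string."""
    halves = sorted([to_decimal_groups(fingerprint(my_id, my_key)),
                     to_decimal_groups(fingerprint(peer_id, peer_key))])
    return " ".join(halves)


# Constructed sample keys (stand-ins for real public keys).
ALICE_KEY = hashlib.sha256(b"constructed alice key").digest()
BOB_KEY = hashlib.sha256(b"constructed bob key").digest()
MALLORY_KEY = hashlib.sha256(b"constructed interceptor key").digest()

if __name__ == "__main__":
    # Honest exchange: each side holds the other's real key, strings match.
    print("alice:", safety_number(b"alice", ALICE_KEY, b"bob", BOB_KEY))
    print("bob:  ", safety_number(b"bob", BOB_KEY, b"alice", ALICE_KEY))
    # Substituted key: each side was handed the interceptor's key instead,
    # so the two displayed strings differ and the out-of-band check fails.
    print("alice:", safety_number(b"alice", ALICE_KEY, b"bob", MALLORY_KEY))
    print("bob:  ", safety_number(b"bob", BOB_KEY, b"alice", MALLORY_KEY))
```
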