July 8, 2016 at 21:25Facebook messenger will receive end-to-end encryption
Facebook has announced the e2e encryption feature for its messenger. True, unlike WhatsApp, Viber and Signal, it will not be enabled by default. For its messenger, Facebook went the same way with Telegram and Google Allo, adding this feature as an optional one. The company plans to release a beta version of the Messenger app for smartphones, in which an enhanced type of encryption will be present in the mode of "secret communication" (secret conversations).
This year has become a real cryptographic boom, at first WhatsApp received the possibility of enhanced e2e encryption , which, by the way, belongs to Facebook, then it came to pass.to Viber. Clouds over WhatsApp began to thicken a month before the managers announced the switch to the default encryption mode. Law enforcement agencies who wanted to gain access to the message decryption function began to make a complaint to the messenger . At that time, WhatsApp used a partial implementation of e2e encryption, available only to Android users.
Little is known about the future function of Facebook's secret chats, encrypted chat will be available only from one device on which the decryption key is stored, it will also not support the transfer of GIF images and video files. However, it is known that for the organization of e2e encryption, the Signal secure messenger protocol will be used, using the Double Ratched protocol approved by experts for its own purposes. Signal's encryption protocol was formerly called Axolotl.
Thus, Facebook did not begin to develop its own algorithm for e2e encryption, as this is bad form and does not allow independent experts to analyze its security. That is why the Openal Whisper Systems Signal protocol, approved by security experts, uses WhatsApp. One element of the Signal protocol - Double Ratched also uses Viber. Earlier, well-known security experts criticized Telegram for its closed implementation of its own encryption protocol MtProto, which does not allow checking its security.
The key feature of e2e encryption is that the private decryption keys of messages are not stored on the server side of the service, but on the device of the user himself, which excludes any possibility of their decryption by someone else (of course, when implementing a reliable protocol). On the contrary, the “server-to-server” encryption function, which is used, for example, by Skype, allows the server itself to decrypt the forwarded messages with the private key. In the e2e encryption scheme, the server stores only information about the public encryption keys of the clients.
This year has become a real cryptographic boom, at first WhatsApp received the possibility of enhanced e2e encryption , which, by the way, belongs to Facebook, then it came to pass.to Viber. Clouds over WhatsApp began to thicken a month before the managers announced the switch to the default encryption mode. Law enforcement agencies who wanted to gain access to the message decryption function began to make a complaint to the messenger . At that time, WhatsApp used a partial implementation of e2e encryption, available only to Android users.
Little is known about the future function of Facebook's secret chats, encrypted chat will be available only from one device on which the decryption key is stored, it will also not support the transfer of GIF images and video files. However, it is known that for the organization of e2e encryption, the Signal secure messenger protocol will be used, using the Double Ratched protocol approved by experts for its own purposes. Signal's encryption protocol was formerly called Axolotl.
Thus, Facebook did not begin to develop its own algorithm for e2e encryption, as this is bad form and does not allow independent experts to analyze its security. That is why the Openal Whisper Systems Signal protocol, approved by security experts, uses WhatsApp. One element of the Signal protocol - Double Ratched also uses Viber. Earlier, well-known security experts criticized Telegram for its closed implementation of its own encryption protocol MtProto, which does not allow checking its security.
The key feature of e2e encryption is that the private decryption keys of messages are not stored on the server side of the service, but on the device of the user himself, which excludes any possibility of their decryption by someone else (of course, when implementing a reliable protocol). On the contrary, the “server-to-server” encryption function, which is used, for example, by Skype, allows the server itself to decrypt the forwarded messages with the private key. In the e2e encryption scheme, the server stores only information about the public encryption keys of the clients.