Decentralising end-to-end encryption with a new security protocol

Researchers at Carnegie Mellon University have devised a new security protocol to decentralise E2E, enabling users to store their messages in a more flexible network.

Updated - November 26, 2021 07:32 pm IST

Published - November 26, 2021 02:42 pm IST

Complete dependence on a single firm’s server prevents users from being able to control how their private messages are being handled.

Complete dependence on a single firm’s server prevents users from being able to control how their private messages are being handled.

Messaging services like WhatsApp and Telegram use end-to-end encryption (E2E) to secure messages sent and received. Their systems uses a single company's server to store encrypted information.

Complete dependence on a single firm’s server prevents users from being able to control how their private messages are being handled.

(Sign up to our Technology newsletter, Today's Cache, for insights on emerging themes at the intersection of technology, business and policy. Click here to subscribe for free.)

Researchers at Carnegie Mellon University have devised a new security protocol to decentralise E2E, enabling users to store their messages in a more flexible network.

The system is an extension of the steady group key settlement (GKA) — a previously developed safety protocol that permits a group of people to send and receive messages without relaying on a message group supervisor. “If your message is routed through one server and the company raises the prices or shuts down, you could switch to another server seamlessly,” the team noted.

Also Read | Quantum computers pose security threats, report says

If users are using a central server run by a company to communicate, but it gets blocked or shut down, they could switch to a self hosted server that is physically in one of their homes, the team noted.

“If that’s blocked too, or if the whole Internet is shut down, they could switch to using a mesh network in which nearby devices connect over Bluetooth,” the team said in a paper titled ‘Key Agreement for Decentralized Secure Group Messaging with Strong Security Guarantees’.

"Right now, messaging app companies are in charge of users, when really it should be the other way around," one of the researchers noted. "Users should have the freedom to choose how their messages are handled.

0 / 0
Sign in to unlock member-only benefits!
  • Access 10 free stories every month
  • Save stories to read later
  • Access to comment on every story
  • Sign-up/manage your newsletter subscriptions with a single click
  • Get notified by email for early access to discounts & offers on our products
Sign in

Comments

Comments have to be in English, and in full sentences. They cannot be abusive or personal. Please abide by our community guidelines for posting your comments.

We have migrated to a new commenting platform. If you are already a registered user of The Hindu and logged in, you may continue to engage with our articles. If you do not have an account please register and login to post comments. Users can access their older comments by logging into their accounts on Vuukle.