SE-Radio Episode 321: Péter Budai on End to End Encryption

Topics covered
Popular Clips
Episode Highlights
E2EE Challenges
Implementing end-to-end encryption (E2EE) presents significant challenges, especially when dealing with client-side operations. highlights the difficulty of performing data transformations and migrations when users are not consistently active, leading to unsupported protocols and standards 1. He also discusses encrypted searching, which allows searches on encrypted data without revealing the search terms. However, this method requires extensive indexing and is not yet fast enough for production use 2.
While you don't have to give up the encryption and don't have to give up the privacy, there is an example which is feasible right now, which is encrypted searching.
---
These challenges underscore the complexity of maintaining privacy while ensuring functionality.
Homomorphic Encryption
Homomorphic encryption offers a promising solution by allowing computations on encrypted data, but it remains largely theoretical due to its current inefficiency. explains that this method enables operations on ciphertexts, producing results as if they were performed on plaintext 3. notes that while this could offload computations from client to server, the technology is still too slow for practical applications 4.
They are too slow currently to make it usable in any kind of real world applications.
---
The potential of homomorphic encryption lies in its ability to enhance data security without compromising computational efficiency.
Convergent vs. Non-Convergent
The debate between convergent and non-convergent cryptography centers on privacy and security implications. explains that convergent cryptography allows storage providers to verify if specific content exists in user storage, posing potential privacy risks 5. In contrast, non-convergent cryptography generates unique keys for each file upload, ensuring different encrypted outputs each time. This method enhances privacy but complicates verification processes.
In case of non convergent crypto, this is not the case because every time a file is uploaded, a new key, a new iv is generated.
---
These cryptographic approaches highlight the trade-offs between security and usability in encryption practices.
Related Episodes


SE Radio Episode 342 - István Lam on Privacy by Design with GDPR
Answers 383 questions

SE-Radio-Episode-297:-Kieren-James-Lubin-on-Blockchain
Answers 383 questions

SE-Radio Episode 296: Type Driven Development with Edwin Brady
Answers 383 questions

SE-Radio Episode 288: DevSecOps
Answers 383 questions

SE Radio 626: Ipek Ozkaya on Gen AI for Software Architecture
Answers 383 questions

SE-Radio Episode 335: Maria Gorlatova on Edge Computing
Answers 383 questions

SE-Radio Episode 276: Björn Rabenstein on Site Reliability Engineering
Answers 383 questions

Episode 475: Rey Bango on Secure Coding Veracode
Answers 383 questions

SE-Radio Episode 314: Scott Piper on Cloud Security
Answers 383 questions

SE-Radio Episode 290: Diogo Mónica on Docker Security
Answers 383 questions

Episode 378: Joshua Davies on Attacking and Securing PKI
Answers 383 questions

SE-Radio Episode 358: Probabilistic Data Structure for Big Data Problems
Answers 383 questions

SE Radio 635: Stevie Caldwell on Zero-Trust Architecture
Answers 383 questions

SE Radio 593: Eric Olden on Identity Orchestration
Answers 383 questions














