Published Sep 3, 2019

SE-Radio Episode 321: Péter Budai on End to End Encryption

Dive deep into the world of end-to-end encryption as Péter Budai and Kim Carter unravel the intricacies of Intel's SGX technology, mutual authentication, and advanced encryption techniques, exploring their implications for cloud security and secure communication.
Episode Highlights
Software Engineering Radio - the podcast for professional software developers logo

Popular Clips

Episode Highlights

  • E2EE Challenges

    Implementing end-to-end encryption (E2EE) presents significant challenges, especially when dealing with client-side operations. highlights the difficulty of performing data transformations and migrations when users are not consistently active, leading to unsupported protocols and standards 1. He also discusses encrypted searching, which allows searches on encrypted data without revealing the search terms. However, this method requires extensive indexing and is not yet fast enough for production use 2.

    While you don't have to give up the encryption and don't have to give up the privacy, there is an example which is feasible right now, which is encrypted searching.

    ---

    These challenges underscore the complexity of maintaining privacy while ensuring functionality.

       

    Homomorphic Encryption

    Homomorphic encryption offers a promising solution by allowing computations on encrypted data, but it remains largely theoretical due to its current inefficiency. explains that this method enables operations on ciphertexts, producing results as if they were performed on plaintext 3. notes that while this could offload computations from client to server, the technology is still too slow for practical applications 4.

    They are too slow currently to make it usable in any kind of real world applications.

    ---

    The potential of homomorphic encryption lies in its ability to enhance data security without compromising computational efficiency.

       

    Convergent vs. Non-Convergent

    The debate between convergent and non-convergent cryptography centers on privacy and security implications. explains that convergent cryptography allows storage providers to verify if specific content exists in user storage, posing potential privacy risks 5. In contrast, non-convergent cryptography generates unique keys for each file upload, ensuring different encrypted outputs each time. This method enhances privacy but complicates verification processes.

    In case of non convergent crypto, this is not the case because every time a file is uploaded, a new key, a new iv is generated.

    ---

    These cryptographic approaches highlight the trade-offs between security and usability in encryption practices.

Related Episodes