
End to End Encryption for Mobile Developers

Sharing my learning working on end to end encryption as a mobile developer.

Hugues Bernet-Rollande

January 29, 2018

Transcript

  1. Hi, my name is Hugues Bernet-Rollande, I'm the CTO of Newmanity, which provides a set of collaborative tools, ethical and ecological [1]. Being ethical, we want to protect our users' privacy and are therefore trying to minimize the amount of exploitable data we collect about them. Being a messaging app, we naturally went towards end-to-end encryption. Here are my learnings, so far.
     [1] Ask me more later, it's cool.
     Hugues Bernet-Rollande - @rompelstilchen
  2. End to what? [2]
     [2] E2EE, for those in the know.
  3. System of communication where only the communicating users can read the messages. — Wikipedia
  4. Respect your users' privacy. And if your [3] data is compromised or monitored? It becomes less of an issue.
     [3] Not yours in the first place, your users'...
  5. One many keys to rule them all. [4]
     [4] Keys' exchange is the 1 difficulty in end-to-end encryption.
  6. Symmetric-key algorithms are algorithms for cryptography that use the same cryptographic keys for both encryption of plaintext and decryption of ciphertext. — Wikipedia
  7. Asymmetrical: Public key cryptography, or asymmetrical cryptography, is any cryptographic system that uses pairs of keys: public keys which may be disseminated widely [5], and private keys which are known only to the owner [6]. — Wikipedia
     [5] The sender uses the publicly known key of the recipient to encrypt his message.
     [6] The recipient uses his private key to decrypt the message.
  8. But modern E2EE apps use a mix of both. Asymmetric keys associated with each user [7], and symmetric keys associated with each message [8]:
     - encrypt the message with a generated symmetric key (A),
     - encrypt the message's key (A) with the asymmetric/public key of the recipient [9].
     [7] Or devices.
     [8] Yes, that's a lot of keys!
     [9] Like putting a key to a lock in a box locked by a key.
  9. As the definition implies, only the communicating users can read the data. Your server is not a communicating user, but merely a medium of the communication. Your app cannot be a layer of UI on top of a powerful set of APIs! End-to-end encryption forces us to shift some computational processes from our backend to our devices.
  10. Searching your content, easy, right? But now, your server does not have access to your users' data and therefore can't help your app search in it [10]. You need a complex data synchronisation layer and a local search engine. Most of your users' data will probably need to be more or less available and processed locally.
     [10] Or performing most data computations.
  11. What should happen if your user loses his device? Should all his data be lost? -> security. Should it be recoverable one way or another? -> safety. Decisions like this need to be made early to lay out the impact of end-to-end encryption on your users [11]. Informing your users is not trivial, as this may be beyond their comprehension.
     [11] Depending on your type of users: individuals, high-value businesses, ...
  12. Desynchronization: Scenarios will arise where keys are not yet available to your users but the content is.
     "At times, you may see the above message in place of what you were sent from a contact. Due to end-to-end encryption, you may need to wait for someone's message to arrive because their phone needs to come online and properly encrypt the message for you. This can typically occur if you or the person you're chatting with recently reinstalled WhatsApp." — WhatsApp
  13. Gunax lbh!* End to End: Security, Safety, User Experience, Computation, Data protection, Trust, NSA.
     * Thank you!
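
The hybrid scheme from slide 8, as an added example that is not part of the original deck: the message is encrypted under a fresh symmetric key (A), and key A is encrypted with the recipient's public key, so the relaying server only ever holds an envelope it cannot open. The algorithm choices (RSA-OAEP for wrapping, AES-256-GCM for the message) and all function and variable names are assumptions made for this example; the deck names neither.

```javascript
const { generateKeyPairSync, publicEncrypt, privateDecrypt, randomBytes,
  createCipheriv, createDecipheriv, constants } = require('crypto');

// Assumed algorithms for this example: RSA-OAEP (SHA-256) wraps key A.
const OAEP = { padding: constants.RSA_PKCS1_OAEP_PADDING, oaepHash: 'sha256' };

// Sender: encrypt the message with a generated symmetric key (A),
// then encrypt key A with the recipient's public key.
function sealMessage(recipientPublicKey, plaintext) {
  const keyA = randomBytes(32);   // fresh key for every message
  const nonce = randomBytes(12);  // AES-GCM nonce, never reused with keyA
  const cipher = createCipheriv('aes-256-gcm', keyA, nonce);
  const ciphertext = Buffer.concat([cipher.update(plaintext, 'utf8'), cipher.final()]);
  return {
    wrappedKey: publicEncrypt({ key: recipientPublicKey, ...OAEP }, keyA),
    nonce,
    ciphertext,
    tag: cipher.getAuthTag(),     // lets the recipient detect tampering in transit
  };
}

// Recipient: unwrap key A with the private key, then decrypt and authenticate.
function openMessage(recipientPrivateKey, env) {
  const keyA = privateDecrypt({ key: recipientPrivateKey, ...OAEP }, env.wrappedKey);
  const decipher = createDecipheriv('aes-256-gcm', keyA, env.nonce);
  decipher.setAuthTag(env.tag);
  return Buffer.concat([decipher.update(env.ciphertext), decipher.final()]).toString('utf8');
}

// True only if the holder of privateKey can recover the plaintext of env.
function canRead(privateKey, env) {
  try { openMessage(privateKey, env); return true; } catch { return false; }
}

// Constructed demo: bob is the recipient; server is the medium and has its
// own key pair, but never bob's private key.
const bob = generateKeyPairSync('rsa', { modulusLength: 2048 });
const server = generateKeyPairSync('rsa', { modulusLength: 2048 });
const envelope = sealMessage(bob.publicKey, 'constructed sample message');

console.log('bob reads:', openMessage(bob.privateKey, envelope));
console.log('server can read:', canRead(server.privateKey, envelope));
```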