Slide 1

Slide 1 text

End to End encryption
Hugues Bernet-Rollande - @rompelstilchen

Slide 2

Slide 2 text

Hi, my name is Hugues Bernet-Rollande, I’m the CTO of Newmanity, which provides a set of collaborative tools, ethical and ecological[1]. Being ethical, we want to protect our users' privacy and are therefore trying to minimize the amount of exploitable data we collect about them. Being a messaging app, we naturally went towards end-to-end encryption. Here are my learnings, so far.

[1] ask me more later, it's cool.

Slide 3

Slide 3 text

End to what?[2]

[2] E2EE, for those in the know.

Slide 4

Slide 4 text

System of communication where only the communicating users can read the messages. — Wikipedia

Slide 5

Slide 5 text

Respect your user's privacy. And if your[3] data is compromised or monitored? It becomes less of an issue.

[3] not yours in the first place, your user's...

Slide 6

Slide 6 text

One many keys to rule them all.[4]

[4] key exchange is the number one difficulty in end-to-end encryption.

Slide 7

Slide 7 text

Symmetric-key algorithms are algorithms for cryptography that use the same cryptographic keys for both encryption of plaintext and decryption of ciphertext. — Wikipedia

Slide 8

Slide 8 text

Asymmetrical

Public key cryptography, or asymmetrical cryptography, is any cryptographic system that uses pairs of keys: public keys which may be disseminated widely[5], and private keys which are known only to the owner.[6] — Wikipedia

[5] the sender uses the publicly known key of the recipient to encrypt his message.
[6] the recipient uses his private key to decrypt the message.

Slide 9

Slide 9 text

But modern E2EE apps use a mix of both: asymmetric keys associated with each user[7], and symmetric keys associated with each message:[8]
— encrypt the message with a generated symmetric key (A),
— encrypt the message's key (A) with the asymmetric/public key of the recipient[9].

[7] or devices.
[8] yes, that's a lot of keys!
[9] like putting a key to a lock in a box locked by a key.
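The hybrid scheme above, sketched in Ruby with the standard openssl library as an added example (not code from the talk or from Newmanity). AES-256-GCM and RSA-OAEP are assumed algorithm choices, `seal`, `open_envelope` and the device ids are hypothetical names, and the key pairs and message are constructed.

```ruby
require 'openssl'

OAEP = OpenSSL::PKey::RSA::PKCS1_OAEP_PADDING

# Sender: encrypt the message once with a fresh symmetric key (A), then encrypt
# (A) separately for every recipient device's public key.
# device_public_keys is a hypothetical { device_id => RSA public key } map.
def seal(plaintext, device_public_keys)
  cipher = OpenSSL::Cipher.new('aes-256-gcm').encrypt
  key = cipher.random_key # key (A): generated for this one message only
  iv = cipher.random_iv
  cipher.auth_data = ''
  ciphertext = cipher.update(plaintext) + cipher.final
  wrapped = device_public_keys.transform_values { |pub| pub.public_encrypt(key, OAEP) }
  { iv: iv, tag: cipher.auth_tag, ciphertext: ciphertext, wrapped_keys: wrapped }
end

# Recipient device: recover key (A) with the private key, then decrypt.
# Returns nil when this device cannot read the message yet: no key was wrapped
# for it, or the key was wrapped for a key pair it no longer holds.
# A modified ciphertext is a different failure and raises CipherError.
def open_envelope(envelope, device_id, private_key)
  wrapped = envelope[:wrapped_keys][device_id]
  return nil unless wrapped

  key = private_key.private_decrypt(wrapped, OAEP)
  decipher = OpenSSL::Cipher.new('aes-256-gcm').decrypt
  decipher.key = key
  decipher.iv = envelope[:iv]
  decipher.auth_tag = envelope[:tag]
  decipher.auth_data = ''
  (decipher.update(envelope[:ciphertext]) + decipher.final).force_encoding('UTF-8')
rescue OpenSSL::PKey::PKeyError
  nil
end

if __FILE__ == $PROGRAM_NAME
  # Constructed demo: one recipient with two devices, keys generated on the spot.
  phone = OpenSSL::PKey::RSA.new(2048)
  laptop = OpenSSL::PKey::RSA.new(2048)
  env = seal('see you at 6', 'phone' => phone.public_key, 'laptop' => laptop.public_key)
  puts open_envelope(env, 'laptop', laptop)
end
```

The envelope hash is the only thing a relaying server would hold: it contains the ciphertext and one wrapped copy of key (A) per device, none of which it can open.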

Slide 10

Slide 10 text

Me, as a mobile developer.

Slide 11

Slide 11 text

Mobile local first.

Slide 12

Slide 12 text

As the definition implies, only the communicating users can read the data. Your server is not a communicating user, but merely a medium of the communication. Your app cannot be a layer of UI on top of a powerful set of APIs! End to end forces us to shift some computational processes from our backend to our devices.

Slide 13

Slide 13 text

Searching your content, easy, right? But now, your server does not have access to your user's data and therefore can’t help your app to search in it[10]. You need a complex data synchronisation layer and a local search engine. Probably most of your user's data will need to be more or less available and processed locally.

[10] or perform most data computations.

Slide 14

Slide 14 text

Rethink your App to work offline.

Slide 15

Slide 15 text

Security vs Safety.

Slide 16

Slide 16 text

What should happen if your user loses his device?
Should all his data be lost? -> security
Should it be recoverable one way or another? -> safety
Decisions like this need to be made early to lay out the impact of end-to-end encryption on your users.[11] Informing your users is not trivial, as this may be beyond their comprehension.

[11] depending on your type of users: individuals, high value businesses, ...

Slide 17

Slide 17 text

UX complexity.

Slide 18

Slide 18 text

WhatsApp constantly educates their users about encryption.

Slide 19

Slide 19 text

Desynchronization

Scenarios will arise where keys are not yet available to your users but the content is.

At times, you may see the above message in place of what you were sent from a contact. Due to end-to-end encryption, you may need to wait for someone's message to arrive because their phone needs to come online and properly encrypt the message for you. This can typically occur if you or the person you're chatting with recently reinstalled WhatsApp. — WhatsApp

Slide 20

Slide 20 text

Gunax lbh![*]

End to End
Security
Safety
User Experience
Computation
Data protection
Trust
NSA

[*] Thank you!