End-to-end encryption, whose ends?
What if server starts acting as Alice to Bob, and Bob to Alice?
Cryptography is a difficult subject, some apps (which are not open source and prohibit end-users from reverse-engineering the APKs) advertise that chats are secure by virtue of "end to end encrypted messages".
In locations where upload speeds are very constrained, I think there are 2 ways to preserve bandwidth, put better ways to reduce user frustration:
- a server (actually a CDN-like infrastructure) that maintains a hashtable of media, so one user sending video to 5 people has to sacrifice data only once (times throughput), but I don't understand how to maintain a hashtable, that serves the purpose of reducing redundancy, without having decrypted version of media (maybe nonce with TTLs?)
- A P2P arrangement, but again how can DHT work with PKI?
If you know the answer, please link in the comment.
#doubt