The hairy issue of e2e encryption in instant messaging
by Winfried Tilanus
At: FOSDEM 2020
https://video.fosdem.org/2020/UA2.114/security_the_hairy_issue_of_e2e_encryption_in_instant_messaging.webm

End-to-end encryption is often regarded as the holy grail of security. But when you start implementing it, it soon becomes a security hell. Does it really protect against the threats it should protect against? And watch out for the pitfalls when implementing it: almost everybody fails there!

Let's start with the conclusion of this talk: after twenty years of designing and analyzing high security instant messaging systems, I came to the conclusion that end-to-end encryption (e2ee) in instant messaging is snake-oil. It creates a false sense of security.

First of all, the threat model underneath e2ee has fundamental flaws; it doesn’t deliver protection against the threats commonly named to justify it. And if that isn’t enough, there are a lot of issues that make a proper implementation very hard to get right. To name a few: key verificatio
↗https://peertube.ch/w/srFBCcnKTyK9qVBDjGBqjm