![]() ![]() But she does not grant it unconditional trust, especially for private data, such as private pictures, confidential documents, passwords, etc. These generic guidelines were made in the Personal Cloud context, where the user, let's call her Alice, trusts the server to correctly manage her data and deliver the expected service. But to avoid any confusion, we will use the "client-side encryption" terminology in the following. In this document, the end refers to the users' devices: the goal is to encrypt data from applications in such a way that the server cannot decrypt it. In this case, the data is encrypted between the client and the server, but can be decrypted by the latter. This is also sometimes refered as client-side encryption, as opposed to server-side encryption, notably because the "end-to-end" terminology is sometimes misleadingly used, when the end is actually the server. ![]() IntroductionĮnd-to-end encryption, as quoted from Wikipedia, is:Ī system of communication where only the communicating users can read the messagesįor instance, Signal and ProtonMail both use end-to-end encryption, where the end refers to users: this guarantees that nobody but the communicating users can read the exchanged data. We also provide a performance benchmark to evaluate the encryption impact, depending on the user device and data size. ![]() In this document, we discuss about guidelines for end-to-end encryption, in a web environment, in order to ensure the user privacy by making the server blind on the encrypted data. Paul Tran-Van Security 16 July 2020 20 min read End-to-end encryption: how to encrypt data in a web application
0 Comments
Leave a Reply. |