Why end-to-end encryption will fail on the long run
(originally posted 07.04.2016 on Google+)


WhatsApp recently completed its transition to the end-to-end encrypted Signal protocol. Most "privacy advocates" are delighted. But the pleasance is likely premature. Even end-to-end encryption has its drawbacks and weaknesses, that I will explain here. And at least one of these drawbacks will likely lead end-to-end encryption into a dead end -- at least regarding popular mass services.

1. The security of end-to-end encryption stands or fails with the key management, which will always be a pain-in-the-ass for regular users. Even new ideas like CONIKS won't change that significantly. End-to-end means that the key is only on the end device, and the use of these end devices is simply much too dynamic for a convenient and easy-to-use solution for regular users.

2. As long as point 1. is true, the service provider is always capable of reading the messages with a simple man-in-the-middle attack. So when WhatsApp claims "even we cannot read your messages" than this is simply not the honest truth. "We could read your messages (and experienced users could notice that we are intercepting), but we promise that we won't do it" would be a much more accurate statement.

3. Most of today's popular mass communication services are proprietary and provided by single, private companies who have little interest in disclosing their source code, and this is very unlikely to change. So nobody knows for sure whether the company implemented a backdoor to its services, and even if there is currently none this could change anytime.

4. If the end-to-end encryption is reliably implemented, then it inherently means end-to-end, and nobody in between can read the communications. This however means on the other side that a centralized spam or virus scanning is impossible. This is currently not a big problem for messengers like WhatsApp, but this could change quickly. Look for example at HTTPS, which is another example for end-to-end encryption: Virus scanning is only possible with an SSL-intercepting proxy, and this is what currently more and more companies are introducing -- and voila, with it you again have a central point where everything could be read in plaintext.

5. Related to point 4., end-to-end means that nobody in the middle is able to read and that some business models which are based on personalized ads (like eg Google's) simply don't work anymore. For users this would also lead to a reduced user experience, when they receive random ads instead of personalized, or when they don't receive anymore automated reminders for booked flights and so on. Yes, at least I appreciate this kind of service Google offers, and I would never give it up for a "secure" end-to-end alternative. So maybe there will be a competition between "secure" and "convenient" services, but I'm pretty sure the big masses will opt for convenience.

6. End-to-end means that the key is only on the end device, which in turn means there is no easy, convenient and secure way to share data between end devices. This may not be a big problem for messengers like WhatsApp, but at least I highly appreciate that I can read my gmail emails, or that I can edit my Google docs, both from my smartphone and my laptop, and so on. Again, this will be a competition between "secure" and "convenient" services, and again I'm pretty sure the big masses will opt for convenience.

7. Lawmakers could simply pass laws demanding from service providers like WhatsApp that they must remain able to respond to lawful content requests (and they could easily implement this with source code changes and/or the above mentioned man-in-the-middle attack).


To summarize, I don't say end-to-end doesn't have its legitimate use cases. But they are rare, and then you have to live with serious drawbacks. The current call for "end-to-end everything" is a result of the Snowden hysteria, where nobody seems to think about the consequences. But this will change, and then more and more people will ask themselves if it is really adequate to speak about a "mass, indiscriminate surveillance" when the plain fact is that a ordinary WhatsApp or Facebook user has a chance of 0.02% of being targeted by the NSA.