[Cryptography] NSA security guidelines for videoconferencing

Whitfield Diffie whitfield.diffie at gmail.com
Mon May 4 00:18:53 EDT 2020 

NL> We could go for a compromise of "end-user to end-user encryption"
and keep the good old acronym
NL> while still making it clearer. (Assuming we can convince people to
update their definitions of the term.)

    Phillip Hallam-Baker has pointed out a serious problem:

        I don't think user-to-user encryption is the term we need
because that is what a lot of the
        video conferencing systems have AES running from one user to
the other. But they don't
        have user to user security because the key exchange is
happening in a cloud service they
        control completely (people using ECB mode probably aren't
using threshold techniques).

Encryption can be end-to-end but for security to be end-to-end the key
negotiation has also to be end-to-end.  The terminology had fooled me
and I had not seen this clearly before.

BW> Unless the algorithm is rot0 or the user is a savant, some
software is being trusted. And I doubt
BW> that even a savant could handle video encryption at frame rate.

    This is a different sort of objection and surprises me.  It is a
factual question; does somebody have the facts?

                          Whit

On Sun, May 3, 2020 at 1:12 AM Natanael <natanael.l at gmail.com> wrote:
>
>
>
> Den sön 3 maj 2020 07:39Whitfield Diffie <whitfield.diffie at gmail.com> skrev:
>>
>> > The problem with 'end to end' encryption is that it isn't the same as end to end
>> > security and the developers may have a different definition of what an 'end' is.
>>
>>     The problem is with the term `end-to-end encryption.'  All
>> encryption is from one end of something to another.  Link encryption
>> is from one end of a link to the other.  Perhaps the term we need here
>> is ``user-to-user encryption.''
>>
>>                            Whit
>
>
> We could go for a compromise of "end-user to end-user encryption" and keep the good old acronym while still making it clearer. (Assuming we can convince people to update their definitions of the term.)
>

More information about the cryptography mailing list