How End-to-End encryption Works?

Buddy your videos are really addictive.

You're the best! From daily doubts I have to more deep studying I do I can find some video here on your channel explaining topics with honesty and a great background. Thanks from Rio de Janeiro, Hussein!

You are awesome Hussein! please upload more. Thank you for this video.

Nice visual explanation😂

Calls for a open-source messenger!

Great video. Thank you!
Btw for persistence do we store that encrypted thingy in the DB directly?

fantastic, so basically double encryption

WhatsApp video call good r bad answer me bro. End to end encryption

The classical two generals problem

Great video Hussein. I have a doubt.
I read that private key is stored locally. So, if you log out all your previous data is lost (even if it's stored on server, it will be encrypted and since you lost the private key, you lost those messages).
So, how does telegram works. Like I can log-out and log-in, use different devices and, I get all of my messages.
So, are they storing private key somewhere? Or how does it work?

Excellent explanation, no need for fancy visuals if it makes sense!

Hey Hussein, awesome video (as always). I just had a question about how whatsapp's E2EE works in group chats. Lets say you are in a group with 100 or 500 people and you send a message that would mean the message being encrypted 500 times by each persons respective public key which seems very in efficient. I want to know what happens there, and it makes a great video IMO.

If public part of the keys are meant to be public, why use DH to exchange them ?

nice ps2

Great explanation

Hey can u talk about searchable encryption

Nasser, I like your way of explanation bruh. BTW I found you a double. Search Syed Shafaat Ali, your lost brother, he's too an engineer, but he turned comedian and imitation performer. You both are prominent in your profession. Godspeed

Great explanation. Thank you for your efflorts

Pro tip, Use More than two hands to explain things..or just use a diagram.

Such a great explanation. Thanks, Hussein!

Can u pls explain signal double ratchat algo and how to implement it . That will be very helpful

gone overhead :(
try with some images, diagrams etc

And I really thought WhatsApp works with Asymmetric all the time. Each user has their own private/public key pair. But you made it clear now that it works similarly to TLS 1.3 Diffie Hellman. 👌

That last CA you talked about was DigiNotar....darket diaries made a video about that.

Great video Hussein. If I may explain this for your audience with some math -

·       Bob generates a private key number X
·       Alice generates a private key number Y
·       There are publicly known numbers A and N provided by the server.
·       Bob does A raised to X and sends the number to Alice
·       Alice does A raised to Y and sends the number to Bob
·       They both raise what the other sent with their own secret key i.e. Bob now has A raised to YX and Alice now has A raised to XY which is the same number. They also mod it with N to get a manageable number between 0 and N. They now have the same secret key without knowing each other's private keys and without the server knowing the final key. The server only knows A and N.

The trick is to make X, Y and N sufficiently large to make reverse engineering near impossible.

Can you please make video about client-side encryption in javascript

Even without graphics and illustrations - this was an excellent and clear explanation !

Great one... which podcast do you listen ?

Very nice

i don't care if somebody reads my message, but i want to know how to hide it. It's just for fun :D

like

Many thanks

Bro, give me an answer. Where do you study all this from

E2EE, specifically, user-friendly and ephemeral E2EE, is necessary because you never know what is gonna become retroactively unacceptable. In this world of constant, pervasive mass surveillance, it seems that damn near every TCP packet you send goes in your permanent record. Even if you’re not doing anything substantively bad, a joke you made a decade ago about killing a politician you don’t like can get you hosed.

I convince all my friends to download Signal because at the end of the day, even if they don’t value their privacy, I value mine. If I’m confiding in a friend, I want to ensure I’m talking to them and just them, with no listeners or meddlers.

In that sense, end-to-end encryption is the ultimate form of authorization.

The authentication part, as you mentioned, is difficult. They at least offer a means of “out of band” verification, with QR codes for each participant you can scan in person to verify each others’ identity.

aka Signal Encryption.

Great talk Hussain, it's been really long since we had a chat. It would be interesting if you talk about certificate pinning.

The explanation couldn't have been any better... Great job🤝

Great contente. The best backend channel 🖤