<

Secure document storage (Part1)

signchain Sep 30, 2020

Let's go back to those days where communication used to take place through messengers, 1860’s.

There were two Kingdoms, very friendly and always ready to help each other. One day, one of the Kingdom was attacked by its enemy. The King called his messenger in the court and told him to give his letter to his friend. The letter reads:

My friend, we have been attacked by our enemy and we need your help in this   battle. We will wait for you and your army at location1

The messenger left the palace with King’s letter. But on his way to second kingdom he changed the letter to:

My friend, we have been attacked by our enemy and need your help in this battle. We will wait for you and your army at location2

Now think for a minute what will happen if this letter is received by the King’s friend, he will be waiting at location2 with his army and as a result King1 will lose the war.
This happened because the messenger had access to the King’s letter. What if the messenger does not have access to the letter, then the letter would have reached safely to the King’s friend.

One way to keep the letter safe is to put the letter in a box and lock it. Now this lock can only be opened by King’s friend. But the question arises here is, how King’s friend will unlock the box. Ummm there are possibly two ways.

  1. The King will also send the key with messenger
  2. The King’s friend will have his own key to unlock the box.

Which is the best way? What do you think🤔🤔? We will answer this question at the end of the post.

But hold on, how to lock the letter in this digital era where we communicate using the internet 🤔🤔?

Here comes the role of encryption. So what is encryption?  

Encryption is the process of encoding information or sensitive data so only authenticated parties can access it. It means the data or information is changed into some unreadable text which forms no meaning when read.

But if reading does not make any sense then how will the receiver understand the letter. Confused? 😕

Let me help you,  firstly the unreadable data or text (encrypted document) will be converted back to readable data or text by the receiver, and then the receiver can read the letter.

The process of converting unreadable data back to original data is called decryption. It is the same as opening the lock using a key and then reading the letter.

Hurrah!!!! Now we know what encryption and decryption is 😎. But now the question is what is this key and where does it come from?🤔

There are two different types of keys which can be used in encryption and decryption of the document.

  • Symmetric Keys: In this type of encryption single key is used for both encryption and decryption.
  • Asymmetric keys: In this type of encryption different keys are used for encryption and decryption.

Until now we have seen what is encryption, decryption and the types of keys. But this blog was about End-to-End encryption, right😕🤔? So let’s dive straight into it.

But before jumping into E2E encryption I want to explain one more way of data sharing, Encryption-in-transit.

Encryption-in-transit means, anytime the message or data is moving, it is encrypted and then transmitted. So it is encrypted at source point and decrypted at server, then encrypted again between server and destination.

Consider the above example where the King has to pass a message to his friend. The King called his most faithful and honest men in the court, gave him the box which had a letter and the key, and asked him to open the box in front of his friend only. The messenger left the palace with the box and key.  

What are the chances that the letter will reach safely to King’s friend🤔🤔?

Yes, you are  right there is no surety that the letter will reach safely because the messenger has the access to the key, so he can easily open the box, manipulate the letter and again put it inside the box.

This is what happens in transit encryption. In transit encryption the server holds the key for encryption and decryption, hence there is no guarantee that the data is safe from the service provider. The service provider can easily access the data, analyse it and then can sell it to earn big profits.😨😨😨

So how to keep your data safe so that only the authorised person can access it? Well here comes the role of End-to-end encryption. So let's see what it is and how it is helpful.

End-to-end encryption(E2EE) is a method of secure communication that prevents third-parties from accessing data while it’s transferred from one end system to another device or system.
In E2EE the data is encrypted on the sender’s system or device and only the recipient is able to decrypt it. Nobody in between, be they an Internet service provider, application service provider or hacker, can read it or tamper with it.

Ufff to many technical things, I really got straight into E2EE 😅. Let me simplify this for you.

Let’s recall the above example once again where the King has to pass a message to his friend. The King again called his men in the court, but this time he only gave the box which had a letter, and asked him to deliver the box to his friend.

The King’s friend has another key to unlock the box. Hence in this case the messenger wouldn’t be able to manipulate the message. This is what happens in E2EE, in E2EE the sender encrypts the data and the receiver can only decrypt the data. The only task of the messenger here is to deliver the letter at the right destination. If in case the messenger delivers it to the wrong destination then also the letter could not be read because it was locked in the box.

The same role is played by today's platform service providers, where they act as a bridge between the sender and receiver. They  do not have access to the content at any time. This helps in keeping the data more secure.

But the difficulty for true E2EE is how the key for decryption is provided to the receiver. This is easy if the sender and the receiver can meet in person to exchange keys, previous to sending a message or file - but in reality, this is a very rare scenario.

Therefore, in practice, sender and receiver usually resort back to a public key infrastructure. This means that the receiver creates a public key. With this public key, it is only possible to encrypt, not to decrypt. The sender may now encrypt the message with this public key and send the encrypted message to the receiver. The receiver is the only one in possession of the private key necessary for decrypting the message. This form of encryption is classified as end-to-end encryption.

Hence we can say using E2E encryption is the best way of exchanging messages and data compared to transit encryption.

Remember the question we have asked at the beginning of this blog, “which method the King should use?”. The above comparison has given a clear idea that the King should use a second way of message transmission as it gives more security to the message.

We at Consenso Labs are developing a platform which brings you the real environment for E2EE file sharing. You would be able to share your files and keys in encrypted form though our smart-contracts. So stay connected with us, something big is coming✌

Tags

Great! You've successfully subscribed.
Great! Next, complete checkout for full access.
Welcome back! You've successfully signed in.
Success! Your account is fully activated, you now have access to all content.