Encryption

- Reading time: 2 minutes / whole rubric: 10 minutes -

Many people understand encryption to mean only “end-to-end” encryption, which ensures that no one other than the respective participants can (co-)read the exchanged content. However, encryption is much more than that, because secure and traceable encryption (cryptography) includes so-called protection goals:

  • Confidentiality (data may only be read or modified by authorized persons. This applies to access to stored data as well as during data transmission.
  • Integrity (data must not be changed unauthorized and unnoticed. All changes must be traceable).
  • Authenticity (proof of the authenticity and credibility of data or subjects, based on unique identity or properties).
  • Bindingness (protection against inadmissible denial of actions performed or subject cannot deny that an action has been performed).

Beyond these protection goals of cryptography, however, depending on the requirements, inconsequentiality to third parties is also a very important point. This is to be achieved by means of “perfect forward secrecy” (external). This ensures that even someone who eavesdrops on and stores the encrypted communication cannot decrypt it if they later learn a key.

Double ratchet

… is the encryption technique developed as “Axolotl” (external; PDF file) by Signal. Between two endpoints (hence “end-to-end encryption”), the previous encryption process is taken as the starting point for each new encryption process - and the ratchet is turned a bit further, as it were.

The Signal encryption technique with the double ratchet is the basis for many other implementations such as OMEMO (XMPP), OLM/MEGOLM (Matrix) or others.

In-depth information

A great site with introduction and special knowledge about cryptography: https://kryptografie.de/kryptografie/index.htm (external)

Super Secreto (book)

According to Wikipedia (external), a distinction is made between three eras of cryptography:

  1. encryption by hand
  2. encryption with (mechanical) machines
  3. encryption with computers

The author Theo Thenzer has written the book “Super Secreto” on the third era of cryptography.

At Free Messenger you can download the English version >> here << (PDF file; 6.4 MB), which the author has kindly made available.
Many thanks for that!

Description:

Super Secreto - The Third Epoch of Cryptography” provides an introduction to “top-secret” communication and integrates socio-political perspectives with technical innovations and information on practical programs and tools for encryption:

Multiple, exponential, quantum-secure and, above all, simple and practical encryption for all

With so-called “end-to-end” encryption for all, privacy can remain secure: not only with “GPG”, but ideally also with algorithms such as “McEliece” or “NTRU” due to the growing computing power of quantum computers - or even multi-encryption, in which so-called “cipher text” is encrypted even more times.

The global privacy crisis in the 21st century also includes discussions about the right to encryption and restrictions on end-to-end encryption. In order to communicate confidentially and tap-proof, simple and practical encryption is needed for everyone. But how can this really be available to everyone?

For centuries, the magic of replacing readable characters with other, seemingly random and therefore unreadable characters had something almost religious about it: only those initiated into the invention of a secret language could crack the messages. Encryption remained Super Secreto - Streng Geheim - Top Secret!

In the age of smartphones and pocket computers, it is now available to everyone: increasingly sophisticated mathematics calculates the so-called cipher text with corresponding keys in our messengers. And both the key and the encrypted text used to have to be transmitted to the recipient. In today’s era of cryptography, the transmission of keys is no longer necessary: The risky transportation route for the keys can even be omitted!

The fascination of how cryptography has become abstinent in the transmission of keys - what effect it has on the desire of interested parties for duplicate keys - and how multiple and exponential encryption make it resistant to the decryption attempts of super quantum computers, … is what Theo Tenzer tells us in this exciting political, technical and socially relevant portrait of innovation and science in the third era of cryptography.

Aus dem Inhaltsverzeichnis:


7 Digital and cryptographic sovereignty: National, personal and entrepreneurial ● 252
8 Apps, programs and tools – with which learners learn, to become Encryption Master No. 1 ● 264
8.1 Hard disk encryption with Veracrypt ● 264
8.2 Smoke Crypto Chat: Mobile McEliece-Messenger ● 267
8.3 Spot-On – Well-known suite for encryption ● 274
8.4 Rosetta-Crypto-Pad – With conversions to a conversation ● 278
8.5 GoldBug Messenger – Show us your GUI ● 280
8.6 Delta-Chat: POPTASTIC popular ● 283
8.7 Silence - A SMS-App with End-to-End-Encryption ● 286
8.8 Conversations App: The old dinosaur in the moult? ● 286
8.9 Hacker’s Keyboard: Prevent taps in plain text ● 289
8.10 Federation without accounts: Echo Chat Server & XMPP Server & Matrix Server & Co● 290
8.11 Netcat & Socat: Terminal-commands as Telecommunication system? ● 299
8.12 RetroShare: What was Turtle Hopping again? ● 300
8.13 Get four mailboxes from friends without human number identification: Institution, Care-Of, Ozone and BitMessage ● 303
8.14 In the invisible DHT-network with Briar ● 316
8.15 Encrypted File-Sharing: Freenet & Offsystem ● 318
8.16 OnionShare – Transfer without chat ● 325
8.17 Websearch and P2P-URL-Sharing with YaCy & Spot-On ● 326
8.18 Web browsing with Dooble, Iron and a Cookie-Washer● 332
8.19 Tor Browser: Disguise the IP address ● 334
8.20 A network with a perspective for surfing: Hello Echo… ● 336
8.21 I2P Network: Invisible in the mix network ● 337
8.22 If you can do UNIX, you can do GNUnet ● 338
8.23 OpenVPN – an established tunnel to the peer? ● 338
8.24 Checkpoint CryptPad ● 340
8.25 OpenStego – I don’t see anything that you can see ● 341
8.26 Tails – Amnesia at the Kiosk ● 342
8.27 Mumble Audio as well Jitsi, Nextcloud and BigBlueButton Video Chat ● 343
8.28 Telegram, Threema and Wire ● 343
8.29 Mastodon’s decentral Chat-Servernet ● 345
8.30 Public enemies No. 1: Cash and microphone-free rooms prevent glass people ● 346
8.31 Cryptographic Cafeteria ● 348
9 Interoperability, Congruence and Interconnectivity of Scottish Eggs ● 350
9.1 Interoperability: not only technically a hopeless endeavor? ● 350
9.2 Big-7-Study: Open-source Messenger in comparison ● 354
9.3 Messenger Scorecards: For the completeness of cryptographic criteria ● 361
9.4 Possible recommendations for the standardization and interoperability of messengers ● 367
9.5 Technical outlook: The coat of the Scottish egg - State servers as an overlay network? ● 372