• Servers

    Servers

    Browse through our wide range of reliable and ready to deploy products and services that support the demands of your website, or application.
    Forex VPS
    Run Your Trades At Lightning-Fast Speed.
    Windows VPS
    The cost-effective choice that lets you focus on your business with confidence.
    Linux VPS
    Deploy rapid provisioning instances within minutes.

    cPanel VPS

    Pre-installed cPanel for your website

    Dedicated Server
    Robust, secure and industrial-grade dedicated servers.
    Linux Dedicated Server
    Affordable, fast, reliable.
    Windows Dedicated Server
    High Performance for Windows Applications.
    Dedicated Email Solution
    Server designed to serve your heavy email usage.
    VPS Server Management
    Reliable management services for your VPS.
    Dedicated Server Management
    Leave your dedicated server to our expert.
    Server Colocation
    Reliable Colocation data center for your server infrastructure.
    Server Migration
    Professioal & Reliable migration service.
  • Solutions

    Solutions

    Customized and specialized hosting solutions that are crafted to meet each and every demand of your business needs.
    Acronis Backup
    Agentless backup & recovery for cloud environment.
    Veeam Backup
    Fully secured environment for your data.
    Veeam Cloud Connect
    Fully integrated solution to backup & restore.
    Hyper-Availability
    Boost Availability For Your Business.
    Disaster Recovery (DRaaS)
    Recover & Prevent data loss from disaster powered by Veeam.
    VMware Cloud
    Professional Cloud Hosting To Handle Heavy Workloads.

    Private Cloud

    Scalable private cloud solution hosted within Australia.

    SSL Certificate

    Build your customer trust and confidence.

    Website Scanner
    Complete, cloud-based website protection.
    Managed AWS Solution
    Increase visibility & scalability of your AWS Cloud.
  • Hosting

    Hosting

    We offer range of hosting services that support the demands of your website, or application.

    Business Email Hosting
    Antispam & Secure email server backed by SmarterMail.
    Linux Web Hosting
    Web Hosting with Premium Security Features.
    WordPress Hosting
    Simplify Your Management with WordPress Toolkit.
    VPS Reseller
    Make More Money by Selling Market Leading Cloud Servers.
    Business Hosting
    Combination of high-performance server with SSD Drive for your business.
    Clustered Hosting
    The best hosting to increase availability and minimize business overload.
    Hosting Transfer
    Switch to Casbay Hosting and get exclusive discount on our plans.
  • Domain

    Domain

    Register your business domain or transfer your domain to Casbay anytime.

    Register .MY Domain

    Get your domain for local business in Malaysia.

    Register Domain

    Choose your domain extension with affordable price.
    Domain Transfer
    Transfer & Renew Your Domain at Cheapest Price.
    Domain Life Cycle
    Understanding how the life cycle of a domain works.

    Domain Privacy Protection

    Protect your private information with Whois.

  • Why Us

    Why Us

    It’s not about what we say, it’s about what we do. Learn more about Casbay’s background and confidently join our growing community.

    About Casbay

    Our vision, history and photo gallery.

    Our Data Center
    Tier III certified data centre in Malaysia.

    Privacy Policy

    Understanding Casbay Privacy Policy.

    Client Reviews

    Find out what our clients say about us.

    News

    The latest news and media releases.

  • Contact
LIVE CHAT
LIVE CHAT

Latest Article

Casbay News

Promotions

Casbay Events

Tips Sharing

aaa

Stay tuned with us

End-to-End Encryption

E2EE: The Good, the Bad and the Politics

/ Tips Sharing / By

What is End-to-End Encryption? How is it Different from Other Encryption?

How Encryption Works

We’ll get “end-to-end” encryption in a moment— but let’s first understand what encryption is and what it does before that.

Consciously or unconsciously, when we use the internet through our computers, we all send and receive much information. And some of this information is sensitive (passwords, financial information, personal photos, etc.) and could cause considerable harm if somebody steals or tampers with it. So, how are we to make sure nobody does that? Okay, here’s where encryption joins.

Encryption is the technique that transforms our data into an undecipherable file for no third party to be able to read or alter. That’s what keeps us safe in Internet Ocean.

Here is an example of a text sentence which was encrypted:

  • Plain text: This is a Facebook message.
  • Encrypted text: eXP3jH+7giCt1gIg0zHm3j3DPI1xuFRvbhmaKJx/uQQ=

As you can see, there is no way to figure out what the encrypted text implies-unless you have the private key to decrypt it, of course.

Facebook Messenger Is Already encrypted — here’s How It Works

Facebook Messenger already uses encryption — just not end-to-end encryption. “Normal” encryption (a.k.a. link encryption) works like this:

  1. Sender forms an encrypted connection with Facebook’s servers.
  2. Sender submits the encrypted message to Facebook’s servers.
  3. Facebook decrypts the message and stores it on their servers.
  4. Facebook’s servers form an encrypted connection with the recipient.
  5. Recipient downloads the message via an encrypted connection.

Note that in this scenario, Facebook controls the encryption/decryption, and Facebook has access to the decrypted message.

How End-to-End Encryption Works

Now, let’s get encryption end to end. It is just what it sounds like — end-to-end encryption enables the form of encrypted communication that can only be read / seen by the sender and receiver. No one in the middle — including Facebook, the government or another provider of messaging services — can read / decrypt messages from one device to another.

That is to say, the messages you send are decrypted at the contact endpoint— the computer you send messages to. The server through which you send the data (i.e. Facebook) will not be able to decrypt or display your messages.

Facebook Can’t See Your Messages When They’re End-to-End Encrypted

The distinction between the two is that while standard or link encryption encrypts the data, the encrypt data can be decrypt by the server that transmits information between two devices. On the other hand, end-to-end encryption allows the server to relay the data (how else would the data transfer take place?), but this does not require the server to decrypt the data. The server is therefore merely a medium that enables the transmission of encrypted information by data. WhatsApp or any other encrypted end-to-end app will therefore not be able to read the details (even if they so wish).

End-to-End Encryption: The Good

The principle of end-to-end encryption is largely support by security professionals and privacy experts since it better protects the data from hackers and other parties who may want to spy on you. When you authorize the data transmitter (in this case the messaging service provider) to decrypt your messages, you leave a significant potential security hole that could cause problems if the server is compromise, hack or monitor.

Nevertheless, if the information is secured end-to-end, there is no point in intercepting information halfway down the line, as it is in encrypt format. It thus preserves the privacy of millions of people and guarantees them that their private information could not be accessed by anyone— not even the messaging service itself. For this reason, experts (including organizations such as the Electronic Frontier Foundation (EFF), the Democracy & Technology Center and others) promote the use of end-to-end encryption in messaging applications.

End-to-End Encryption: The Bad

The main argument against end-to-end encryption (and for link encryption) is that end-to-end encryption creates a “safe space” for criminals to communicate where there is no third party that can read their messages and perform security checks. In other words, the technology which is suppose to protect the privacy of millions of people and businesses also protects the privacy of criminals.

I’m not saying I’m in favor of this claim but it certainly holds some weight. If the server could decrypt the data, then we could have a program that would help catch the bad guys. The option is gone in the case of end-to-end encryption. I don’t know what other motivations they might have, but that’s the justification the U.S., U.K., and Australian governments are using to up end end-to-end encryption.

End-to-End Encryption: The Politics

While the claim made by different governments may to some degree valid, there is always a question mark as to their full intent. Will they think about the crimes that may cover due to end-to-end encryption, or do they cry foul to fulfill a bigger agenda: getting the ability to spy on people easily?

Bearing in mind the evidence available to us so far, both seem likely to be true.

And it is worth noting here that Edward Snowden, the prominent whistle-blower of the National Security Agency, previously revealed the intelligence services in the U.K. And for many years the U.S. intercepted mass-scale messages via various channels. So, where are you going to draw the line as regards interference by governments? Encryption can be use for both good and bad, but surveillance can do so!

An Encryption Backdoor Is Not the Solution

If you’ve been following this whole encryption saga, you must have stumbled over the term “backdoor”. Basically, a backdoor is a mathematical feature of the encryption key exchange that could decrypt end-to-end encryption. No one knows about it except those who did it (the messaging service). It’s like a secret key in folk language. So when, let’s say, a judge orders a warrant to turn over certain information to the government in a decrypted format, the messaging app. It could use this “backdoor” to provide the government with your decrypted information.

Yet, again, this comes with a risk— a big one. What if that mighty device falls into the wrong hands? If somehow a cybercriminal gets hold of this “secret key,” they could have access to all your private pictures, texts, and so on and do who knows what about them! And that is why building a backdoor might be even more dangerous than standard encryption concerns.

End-to-End Encryption