Cryptology ePrint Archive: Report 2022/449

On End-to-End Encryption

Britta Hale and Chelsea Komlo

Abstract: End-to-end encryption (E2EE) is vitally important to security and privacy online, yet currently under-defined. In this note, we map intuitive notions of end-to-end encryption to existing notions of encryption. In particular, we introduce the notion of endness as a notion which end-to-end systems must achieve in addition to traditional security notions associated with encryption, and provide formalizations to capture practical requirements. We demonstrate how the notion of encryption plus endness relates to a variety of case studies that either meet normative security understanding of E2EE or are considered normative failures. Finally, we extend these observations to authentication, and real-world authenticated channel use variants, including authenticated encryption with associated data and message franking.

Category / Keywords: foundations / End-to-End Encryption (E2EE), End-to-End Authentication (E2EA), authentication with associated data (AEAD), System Security, Secure Channels

Date: received 8 Apr 2022, last revised 12 Apr 2022

Contact author: britta hale at nps edu, ckomlo at uwaterloo ca

Version: 20220412:153226

