Operations and Life

  Download PDF version of this article PDF

Operations and Life

Improvement on End-to-End Encryption May Lead to Silent Revolution

Researchers are on the brink of what could be the next big improvement in communication privacy.

Thomas A. Limoncelli

Privacy is an increasing concern, whether you are texting with a business associate or transmitting volumes of data over the Internet. Over the past few decades, cryptographic techniques have enabled privacy improvements in chat apps and other electronic forms of communication.

Now researchers are on the brink of what could be the next big improvement in communication privacy: E2EEEE (End-to-End Encryption with Endpoint Elimination).

This article is based on interviews with researchers who plan on presenting at a symposium on the topic scheduled for April 1, 2023.



Over time, the ability to listen in (eavesdrop) on communication has gone from wide open to highly restricted. E2EEEE improves on E2EE (end-to-end encryption) by restricting access even more.

Originally, communication was not encrypted at all. Eavesdropping was as simple as gaining access to the communication path. Therefore, the people with access to the communication included the two parties intended to communicate, plus an unlimited number of eavesdroppers. In E2EEEE parlance, the number of participants is infinity.

Next came client-to-server encryption: Both parties securely communicate to a server, which acts as a relay. While the path between a client and the server is encrypted and private, the server itself sees the entire contents of the message. It is only as secure as the trustability of the organization running the server. In E2EEEE parlance, the number of participants is three.

E2EE followed. This is where one client encrypts the message and the only party that can decrypt the message is the receiving party. Whether the message goes directly from one party to another or passes through a server, the content of the message is known only to the sending and receiving parties. In E2EEEE parlance, the number of participants is two.


Two Research Paths

A reduction from infinity to three, then to two, is quite an impressive evolution! Recently, scientists have begun to ask the question, "Can we do better?" The next reduction, from two to one, might be the biggest challenge in the history of cryptography.

Dr. Janine Minuswon of Velleity University is one cryptography researcher who is answering the call to action. Her research solves the problem at the key-exchange phase of communication, or rather, by avoiding key exchange completely. By not communicating the decryption key to the receiver, the number of parties with access to the plaintext message is reduced from two to one as desired.

Dr. Minuswon recounts the moment of inspiration for this line of research. "At the time, my research project needed to implement the Diffie-Hellman Key Exchange algorithm. However, our code had a bug and the keys were failing to exchange." Frustrated after a day of fruitless debugging, Minuswon and her team left for the day.

That evening, Minuswon happened to watch a television program about famous inventions that had begun as mistakes. The program told the story of products that had sprung from accidents, such as Lexan, the Post-It Note, and Super Glue.

Minuswon recalled "I began to consider, what if the bug was a good thing?" It was a question that changed the focus of her research. Her team's research now focuses on leveraging a nonfunctional key exchange. The receiving party would still receive the encrypted communication but without the decryption key, thus achieving the goal of E2EEEE.

Another hotbed of E2EEEE research is Otiose University, led by principal investigator Dr. Lou Huston at the O'Reilly Center for Low Bandwidth Communication Research. Rather than focusing on the receiver, Huston's research focuses on the sender.

Huston explains, "Our goal is to achieve the 'two to one' reduction at the sender end." His team's research is inspired by the old saying, "If you don't have anything nice to say, don't say anything at all."

Huston also found inspiration from an unusual source: "I was having difficulties setting up Zoom to talk with a fellow researcher. It was 10 minutes of 'Can you hear me?' and 'What if we try clicking this button?' when I realized I didn't even want to talk with this person." Huston's research team reduces bandwidth by encrypting the message but not sending it to the intended receiver.

If Huston's name sounds familiar, that's because communication research runs in the family. He is the grandson of Lou Huston, inventor of the cones of silence, a technology popular in espionage agencies in the late 1960s.


Industry Reaction

Industry pundits are hailing both techniques as having great promise. Industry analyst William Menninger commented, "There's a large untapped market for E2EEEE communication apps. A convenient, easy-to-use E2EEEE phone app would be very attractive to children with estranged parents, people with social anxiety, hermits, recluses, and a plethora of other situations."

Whether Minuswon or Huston's line of research will be successful first is yet to be seen. Both are expected to publish papers about their current work in the coming months.

A symposium on the topic will be held on April 1, 2023, at Nonesuch University in Itsajoke, California.


Thomas A. Limoncelli is the co-editor of the book The Complete April Fools' Day RFCs (http://www.rfchumor.com/), and the site reliability engineering manager at Stack Overflow Inc. in New York City. His other books include The Practice of Cloud Administration (http://the-cloud-book.com), The Practice of System and Network Administration (http://the-sysadmin-book.com), and Time Management for System Administrators. He blogs at EverythingSysadmin.com and tweets at @YesThatTom. He holds a B.A. in computer science from Drew University.

Copyright © 2023 held by owner/author. Publication rights licensed to ACM.


Originally published in Queue vol. 21, no. 2
Comment on this article in the ACM Digital Library

More related articles:

Raphael Auer, Rainer Böhme, Jeremy Clark, Didem Demirag - Mapping the Privacy Landscape for Central Bank Digital Currencies
As central banks all over the world move to digitize cash, the issue of privacy needs to move to the forefront. The path taken may depend on the needs of each stakeholder group: privacy-conscious users, data holders, and law enforcement.

Sutapa Mondal, Mangesh S. Gharote, Sachin P. Lodha - Privacy of Personal Information
Each online interaction with an external service creates data about the user that is digitally recorded and stored. These external services may be credit card transactions, medical consultations, census data collection, voter registration, etc. Although the data is ostensibly collected to provide citizens with better services, the privacy of the individual is inevitably put at risk. With the growing reach of the Internet and the volume of data being generated, data protection and, specifically, preserving the privacy of individuals, have become particularly important.

Kallista Bonawitz, Peter Kairouz, Brendan McMahan, Daniel Ramage - Federated Learning and Privacy
Centralized data collection can expose individuals to privacy risks and organizations to legal risks if data is not properly managed. Federated learning is a machine learning setting where multiple entities collaborate in solving a machine learning problem, under the coordination of a central server or service provider. Each client's raw data is stored locally and not exchanged or transferred; instead, focused updates intended for immediate aggregation are used to achieve the learning objective.

Mark Russinovich, Manuel Costa, Cédric Fournet, David Chisnall, Antoine Delignat-Lavaud, Sylvan Clebsch, Kapil Vaswani, Vikas Bhatia - Toward Confidential Cloud Computing
Although largely driven by economies of scale, the development of the modern cloud also enables increased security. Large data centers provide aggregate availability, reliability, and security assurances. The operational cost of ensuring that operating systems, databases, and other services have secure configurations can be amortized among all tenants, allowing the cloud provider to employ experts who are responsible for security; this is often unfeasible for smaller businesses, where the role of systems administrator is often conflated with many others.

© ACM, Inc. All Rights Reserved.