
What's preventing the vendor from breaking the E2E whenever they want in that scenario?


> What's preventing the vendor from breaking the E2E whenever they want in that scenario?

The key is write-only... there is no way for the vendor to read it without physical access to the device.


Except that the vendor wrote the key to the device, so they can just write it to the device and to their internal database.


Well, they can already do that if they want to, so this system doesn't change that. Responsible vendors wouldn't do that though (and if they do, just don't buy their products).


They can already do that if their crypto system is designed around derivative keys that they control, but you can design a system that does not work that way.

Apple, for instance, encrypts a lot of your data using your AppleID password, which they obviously don't know, so they have no way to decrypt that data.



