So for fifthtry, I was considering adding an encryption feature, so that one can write personal stuff here without worrying whether I (the site admin) can read it.
We have two encryption methods, symmetric and asymmetric. In symmetric encryption the same key/password is used for both encryption and decryption. In asymmetric encryption, one key is used for encryption and the other for decryption.
Usability-wise, both have kind of failed, and here the definition of success is “how many billion people use this today?”.
In symmetric encryption, we have to worry about passwords, and about sharing passwords; virtually every time I have used this feature in any software, I have lost data because I forgot the password.
In asymmetric encryption it’s even worse, as you have to worry about both passwords and files.
We have not figured out how to have secure passwords and files, so any method that depends on them will fail.
Where encryption has succeeded is ssl/https, billion(s) of people use this today, and it’s providing real security today.
This is asymmetric encryption; password-sharing schemes simply cannot work beyond n > 1.
While it works, its core is based on trust, and is thus fragile.
Signal/whisper protocol is the other instance of successful use of encryption: billions of people use it today.
At its core, this system does not rely on trust the way ssl does. Let me elaborate.
In a system, there are two things to trust: a) your hardware and the software running on it, and b) the infrastructure pieces: the pipe, the internet providers, the companies involved, governments and so forth.
It’s theoretically possible to create hardware and software that you can trust, and then you have absolute privacy with Whisper (and I attest that current commercial solutions are close to this). For absolute privacy using SSL you would have to be god (though for commercial privacy, current commercial solutions are OK, hence their success).
There are two critical elements on which the absolute privacy in whisper stands (other than reliability of math/local-hardware/software):
Personally verifying signatures (which has been made usable) using an off-channel method (e.g. in person). In WhatsApp, for example, you can open a contact and use the camera to scan a code to verify that the key is valid, if you are physically close to that person.
Local storage: in transit the messages are encrypted, and only locally is the plain version available. So if you use a cloud backup of any kind, you may not have absolute privacy (unless that system is also end-to-end encrypted).
The messages are secure on your phone/device, and are from the person you verified (not been read or tampered with in transit).
Since key recovery is not possible, if you lose your phone, you lose past messages. And then you have to re-verify the contacts. With these steps you are absolutely secure (absolute == not even god, given our current state of technology/commerce).
The personal verification step is acceptable as 1. it has to be done once per person you want to securely interact with, per device, and 2. there is no need to remember passwords etc.
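To make the two points above concrete (the in-person verification step, and the fact that a lost phone means a new key that must be re-verified), here is an added example that is not part of the original post and is not WhatsApp's or Signal's real algorithm. It assumes a simplified "safety number": each party's identity key is hashed into 30 decimal digits, the two halves are sorted and joined, and both phones display the same 60-digit number regardless of who computes it. A small key store then pins the key seen for each contact and drops the "verified" status the moment the key changes, which is exactly the "re-verify the contacts" step.

```python
import hashlib
import hmac
import secrets

# Constructed illustration for this page: a simplified safety-number scheme.
# Real messengers use a different, standardised construction; the shape of the
# workflow (derive, compare out of band, pin, flag changes) is what matters here.

SAFETY_NUMBER_DIGITS = 60
GROUP_SIZE = 5


def _fingerprint_half(identifier: str, public_key: bytes) -> str:
    """30 decimal digits derived from one party's identifier and public key."""
    digest = hashlib.sha256(identifier.encode("utf-8") + public_key).digest()
    value = int.from_bytes(digest, "big")
    return str(value % 10**30).zfill(30)


def safety_number(id_a: str, key_a: bytes, id_b: str, key_b: bytes) -> str:
    """Same 60-digit number on both phones, whichever side computes it."""
    halves = sorted([_fingerprint_half(id_a, key_a), _fingerprint_half(id_b, key_b)])
    digits = "".join(halves)
    return " ".join(digits[i:i + GROUP_SIZE]
                    for i in range(0, SAFETY_NUMBER_DIGITS, GROUP_SIZE))


def numbers_match(shown: str, scanned: str) -> bool:
    """Compare the number on my screen with the one scanned from the other phone."""
    a = shown.replace(" ", "").encode("ascii")
    b = scanned.replace(" ", "").encode("ascii")
    return hmac.compare_digest(a, b)


class ContactKeyStore:
    """Pins the public key seen for each contact and tracks in-person verification.

    A changed key (reinstall, new phone, or someone in the middle) is reported
    and the contact is demoted to unverified until the user checks again.
    """

    def __init__(self) -> None:
        self._keys: dict[str, bytes] = {}
        self._verified: set[str] = set()

    def observe(self, contact: str, public_key: bytes) -> str:
        """Record a key received for a contact. Returns 'new', 'unchanged' or 'changed'."""
        previous = self._keys.get(contact)
        if previous is None:
            self._keys[contact] = public_key
            return "new"
        if hmac.compare_digest(previous, public_key):
            return "unchanged"
        # Key changed: keep talking is the app's choice, but trust is reset.
        self._keys[contact] = public_key
        self._verified.discard(contact)
        return "changed"

    def mark_verified(self, contact: str) -> None:
        """Called only after the user compared safety numbers in person."""
        self._verified.add(contact)

    def is_verified(self, contact: str) -> bool:
        return contact in self._verified


def demo() -> tuple[str, str, bool]:
    """Walk through verify -> lose phone -> key changes -> verification revoked."""
    alice_key = secrets.token_bytes(32)   # constructed identity keys
    bob_key = secrets.token_bytes(32)
    on_alice_phone = safety_number("alice", alice_key, "bob", bob_key)
    on_bob_phone = safety_number("bob", bob_key, "alice", alice_key)
    assert numbers_match(on_alice_phone, on_bob_phone)

    store = ContactKeyStore()            # Alice's phone
    store.observe("bob", bob_key)
    store.mark_verified("bob")           # Alice scanned Bob's code in person

    bob_new_key = secrets.token_bytes(32)  # Bob lost his phone and reinstalled
    status = store.observe("bob", bob_new_key)
    return on_alice_phone, status, store.is_verified("bob")


if __name__ == "__main__":
    number, status, verified = demo()
    print("safety number:", number)
    print("after Bob's reinstall:", status, "verified:", verified)
```

The two design choices worth noting: the sort in `safety_number` is what makes the number independent of which phone computes it, and `observe` never silently accepts a new key for a previously seen contact, so a key change is always surfaced to the user rather than absorbed.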
Another moderate success of encryption is iCloud.
It honours the first condition (personally verifying signatures) by sending a confirmation code to all other devices owned by that user, which the user has to enter for every new device added to the iCloud account.
iCloud satisfies the second condition by keeping only encrypted data in the cloud, never the plain text, which is available only on devices you own.
To implement password-less encryption, we have to: