
Encryption Q&A

What is End-to-end Encryption?

End-to-end encryption is an approach in which a software system encrypts data upon capture, keeps it encrypted throughout transfer, and allows it to be decrypted only at the endpoint where it is consumed. As a result, user data is never accessible in unencrypted form to any central entity.

Encryption is the process of converting a readable dataset into code in order to prevent unauthorized access. End-to-end encryption is a functionality in which a software system protects the data through its entire life cycle, from endpoint capture and transit to storage and access. The intent of end-to-end encryption is to ensure that data is available only to authorized users and unreadable to anyone else.

The classic client-server architecture of internet software applications introduced the idea of centralized data storage on cloud or on-prem servers, while keeping the software running on endpoints (i.e. the interfaces through which users interact with the system) light in functionality, often reduced to data display and data entry. While convenient, this approach exposes mass quantities of confidential user information to both data breaches (external threats) and misuse (internal threats).

Due to growing concerns for user privacy, end-to-end encryption has quickly gained ground over the last decade. The Signal protocol has been recognized as a gold standard in the developer community. It is used across various applications, including the widely popular WhatsApp. With the Signal protocol, users’ messages are encrypted on their devices and exchanged with other users without the central entity being able to decrypt and access those messages. The cryptographic primitives are exchanged in such a way that only the endpoints (sender and receiver) have access to the necessary decryption keys.
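The sketch below is an added example, not blindnet's code and not the Signal protocol: it shows the property described above (encrypt on the sending endpoint, relay only ciphertext, decrypt on the receiving endpoint) with a simplified ephemeral X25519 + HKDF-SHA256 + AES-256-GCM envelope built on Node's `crypto` module. The names `newEndpoint`, `seal`, `unseal`, `demo` and the `e2ee-demo-v1` label are hypothetical, and the message is constructed sample data.

```javascript
const nodeCrypto = require('crypto');

// Each endpoint creates its key pair locally; only the public half is ever shared.
const newEndpoint = () => nodeCrypto.generateKeyPairSync('x25519');

// X25519 shared secret -> HKDF-SHA256 -> one-time AES-256 key, salted with the ephemeral key.
function deriveKey(privateKey, publicKey, ephPub) {
  const shared = nodeCrypto.diffieHellman({ privateKey, publicKey });
  return Buffer.from(nodeCrypto.hkdfSync('sha256', shared, ephPub, 'e2ee-demo-v1', 32));
}

// Sender endpoint: encrypt at capture, before anything leaves the device.
function seal(recipientPublicKey, plaintext) {
  const eph = nodeCrypto.generateKeyPairSync('x25519');
  const ephPub = eph.publicKey.export({ type: 'spki', format: 'der' });
  const iv = nodeCrypto.randomBytes(12);
  const key = deriveKey(eph.privateKey, recipientPublicKey, ephPub);
  const cipher = nodeCrypto.createCipheriv('aes-256-gcm', key, iv);
  const ct = Buffer.concat([cipher.update(plaintext, 'utf8'), cipher.final()]);
  return { ephPub, iv, ct, tag: cipher.getAuthTag() };
}

// Recipient endpoint: the only place the decryption key can be derived.
function unseal(recipientPrivateKey, env) {
  const ephKey = nodeCrypto.createPublicKey({ key: env.ephPub, format: 'der', type: 'spki' });
  const key = deriveKey(recipientPrivateKey, ephKey, env.ephPub);
  const decipher = nodeCrypto.createDecipheriv('aes-256-gcm', key, env.iv);
  decipher.setAuthTag(env.tag);
  // final() throws if the ciphertext or tag was modified, or the wrong key is used
  return Buffer.concat([decipher.update(env.ct), decipher.final()]).toString('utf8');
}

// Constructed run: the relay (central entity) holds only what is in `mailbox`.
function demo() {
  const bob = newEndpoint();
  const mailbox = [];
  const message = 'constructed sample: allergy to penicillin';
  mailbox.push(seal(bob.publicKey, message));
  const serverView = Buffer.concat(Object.values(mailbox[0]));
  const leaked = serverView.includes(Buffer.from('penicillin'));
  return { leaked, received: unseal(bob.privateKey, mailbox.shift()) };
}

console.log(demo());
```

This envelope does not authenticate the sender and gives no forward secrecy across messages; the Signal protocol adds both through identity keys and ratcheting.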

End-to-end encryption is currently spreading to various other businesses, augmenting the classic client-server architecture, and allowing developers to make privacy-first software in many other use-cases.

Blindnet offers a simple solution to developers to embed end-to-end encryption in their software architecture, protect user data and limit exposure and liabilities to only critical sensitive information.

Why do I need End-to-end Encryption?

  1. Fulfil users’ expectations and earn their trust. When users provide their personal and often sensitive information to a third party, they assume that the data will remain private, confidential and protected.
  2. Reduce liability in case of a breach. In case of a breach, if an intruder gets hold of user data, they won’t be able to benefit from it if you only store and transmit encrypted data. At the current rate, breaches happen every 39 seconds[1]. Yep, you read it correctly.
  3. Comply with regulations. Depending on the location of your users (European, Californian, etc.) you are likely to be subject to regulations such as GDPR and CCPA, which impose high standards of user data privacy protection. Encrypting data end-to-end will meet compliance standards with regard to such regulations.

In short, there is no excuse not to protect user data. With blindnet, your application can ensure the highest level of integrity every time you retain or access sensitive information. In other words, whenever you process data that your service is not exploiting to generate value, keeping it unencrypted makes it only a liability for you.

Is blindnet a Trusted Third Party?

No. blindnet does not have, and never will have, access to the data transmitted through its network. Therefore, we are a zero-trust third party. We constructed our services to ensure that user data stays protected, end-to-end.

A Trusted Third Party is a software provider that has the ability to store, access or read user data. You have to trust that they will do nothing to compromise the data you have provided. However, one can never be too cautious. At blindnet, we believe that internet users deserve better than to be at the mercy of a Trusted Third Party. Our goal is to break from this retrograde model and offer a technological solution such that blindnet (and in many cases even your client systems too) has no way of decrypting and reading the actual user data.

You don’t need to trust that blindnet will not read and misuse your users’ data, because we simply can’t. You can also inspect our source code on GitHub and make sure that our implementations are consistent with this core promise.

  1. "At the end of 2016, a business fell victim to a ransomware attack every 40 seconds. Cybersecurity Ventures predicts that will rise to every 14 seconds by 2019 — and every 11 seconds by 2021". Cybersecurity Ventures report
    A Clark School study is one of the first to quantify the near-constant rate of hacker attacks of computers with Internet access—every 39 seconds on average—and the non-secure usernames and passwords we use that give attackers more chance of success. Study