• Monkey With A Shell
    link
    fedilink
    191 year ago

    Depends on the application in use. The grail is end2end encryption with asymmetric encryption where no provider has access to the private keys. The difficulty is getting people on a common method where you can just look for your peer and get a public key handed to you without having to fuss around with where it was uploaded.

    Maybe the most common/simple would be looking into things like PGP. You and I would both have a public/private key pair. When I send you messages it’s encrypted with your public key and signed with my private key, and as a result only your private key can decrypt the message and you know it came from me because only my private key could have signed it.

    The ugly mechanics behind it don’t need to be anything you actually learn in detail, but just look for apps that offer end to end encryption where the encryption is set up locally rather than in the service provider’s host, if the host generated the keypair then functionally it’s useless because at that point they have the private key.

    • Ænima
      link
      fedilink
      61 year ago

      Please don’t take this as laziness, but what is PGP?

      • @vector_zero
        link
        91 year ago

        Pretty good privacy. It’s an unexciting name for a public/private key encryption program.

        • Ænima
          link
          fedilink
          61 year ago

          Thank you kind stranger! I’ll look into it more when my kid goes down for bed!