Since the 1970’s technological advancements have been vast.
The programming language C first appeared in the early 1970s.
In 1971, Intel released the first programmable microprocessor to the market, the Intel 4004.
The first email was sent.
The Apple II was released in 1977.
The Sony Walkman was released in 1979 which inadvertently became synonymous with portable tape players.
In 1977, the Tandy Corporation launched the TRS-80 through RadioShack stores.
The Commodore PET (Personal Electronic Transactor) was released in 1977 and became a top seller in some markets. The PET paved the way for the remainder of the PET line and eventually the Commodore 64. Anyone that owned one loved their C64, complete with cassette tape backup and little printer, they were the talk of the town and the envy of all.
The Data Encryption Standard in the U.S. was Federally Registered on 17 March 1975. This was a symmetric key algorithm for the encryption of electronic data. Though only after advice and adoption by the NSA was it widely adopted.
In 1976 the Diffie–Hellman key exchange was revealed, it introduced a radically new method of distributing cryptographic keys, which went far toward solving one of the fundamental problems of cryptography, the key distribution.
Now of course this is just a minute sample of advancements, and of course with all things, time stands still for no one.
Computer language did not stop with C. Intel has gone on to release some of the worlds fastest most advanced processors. Email is becoming obsolete. Apple and their Macbooks have become a staple in the Music, and Graphic Design world. The Sony Walkman? What’s that? Ah, Tandy, Radio who? Commodore?
All of these have either been replaced by their faster, more powerful predecessor or have died off altogether, well all but one.
The way we handle Key Distribution, the way we handle end to end encryption.
Even if you are not a computer geek, or encryption enthusiast you will recognize the phrase end to end encryption, for messaging apps have been patting themselves on the back, puffing out their chests, playing the role as a saviour, chanting words and phrases such as:
“We now offer end to end encryption, your messages can not be read by anyone other than who you send them too, no prying eyes, no third parties listening in on your calls, or watching your video conferences. We have saved you all from the likes of the NSA or Big Brother.”
Part of this is true, end to end encryption is crucial. It makes sure that third parties have a much more difficult time spying on you, whether that be reading your texts, looking at photos you might send, or even viewing your video calls. However, as mentioned above, since the 1970’s nothing has changed. The way we handle the transfer of these public keys, ensuring a secure encrypted communication model between two people, is based on 1970’s technology.
Granted, more and more layers of security and protocols have been draped over this procedure of transferring these public keys, however this does nothing in fixing the issues, only covering them up, turning a blind eye to the fact that, “Houston, we have a problem.”
For ever since its conception, the Diffie–Hellman key exchange has always had one fatal flaw, Man In The Middle Attacks.
Now, for those of you with some technical prowess you are very aware of this. There has been attempts to remedy this flaw, valiant attempts, though all of these were dependant on the same fallible aspect, humans. More on that later.
Man In The Middle Attacks
Searching this phrase will bring up a treasure trove of information and articles. Great explanations, confusing explanations and some rather interesting explanations. Though for the layman it is hard to wrap your head around.
Wikipedia has a great definition for what a man in the middle attack is:
“In cryptography and computer security, a man-in-the-middle attack (MITM) is an attack where the attacker secretly relays and possibly alters the communication between two parties who believe they are directly communicating with each other.”
So, even though your communications are end to end encrypted, it makes no difference when someone in the middle has a copy of your public key to decrypt these messages. It’s no longer You and Jill, or You and Jack, it’s now You, Jack, and Jill.
The most dangerous aspect of this is YOU have no idea it is happening.
One of the earliest historical examples of this dates back to Mary Queen of Scots. In 1568, supporters of the imprisoned Mary wrote her a letter asking her to support an assassination attempt on Queen Elizabeth I. Mary’s reply was intercepted by Elizabeth’s agents, who altered the letter to ask for the identities of the conspirators. The conspirators’ reply, complete with a list of names, was again intercepted by the man in the middle, leading to the execution of Mary and her co-conspirators. From Medieval Times to Modern Times, the song remains the same.
Your messages can be altered, changed completely, read, shared with others, made publicly available, or used for numerous nefarious reasons.
The Solution, Blockchain Authentication
Earlier it was mentioned that there had been many attempts to solve this issue with Public Key exchange, however these attempts all had the same fallibility, which is The Need To Trust. Phil Zimmermann in 1992 created the “Web Of Trust” concept. This concept was based on the idea that people would accumulate keys from other people that you may want to designate as trusted parties. Everyone else will each choose their own trusted introducers. And everyone will gradually accumulate and distribute with their key a collection of certifying signatures from other people, with the expectation that anyone receiving it will trust at least one or two of the signatures. However it only takes one person to break this chain of trust. One person, with an agenda of their own, one bad apple will spoil the whole lot. It comes down to trust.
Can we trust a central authority?
Can we trust the companies which offer us this service?
Can we trust WhatsApp (Owned by Facebook) or the numerous other instant messengers that offer their service for FREE?
Do you mind if anyone goes through all your messages?
Crypviser has solved this issue. They have created a trustless model to handle this crucial process of transferring public keys, ensuring your communications are absolutely end to end encrypted with no possibilities of Man In The Middle Attacks.
They have solved the 40 year old achilles heel of Asymmetric Encryption.
They are the only company which has put this power, this advanced Blockchain Technology into an instant messenger.
Crypviser Secure Messenger was released, January 2019 for IOS, and a Public Beta version for Android.
From 2019 there is a choice.
Your Messages are now secured with true end to end encryption.
Phil Zimmermanns dream became a reality.
Man In The Middle Attacks are now a thing of the past.
Crypviser Secure Messenger. Secure private messaging for everyone.
True end to end encryption.