What is end-to-end encryption
Nowadays you constantly hear the term end-to-end encryption. But what kind of beast is it, and how does it differ from the normal type of encryption? Today we’re going to answer that question, and we are going to do it using very easy to understand analogies.
So, imagine there is a very secure safe in a bank. It’s constructed from some alien metal that is impossible to cut, melt or explode. The safe also has a lock, which again is impossible to break, melt, explode, etc. You need a key to open it.
Now that you have stored your valuable things in the safe, what would you naturally do? You will take your key with you, right? You will not leave it with a bank employee or some other person, right? But this is what you are actually doing when using popular backup and sync services like Google Photos or Apple iCloud. Sure, they keep your data encrypted on their servers, but they also hold the keys that are needed to decrypt your data.
Anyway, let’s get back to end-to-end encryption. So you have locked your stuff in the safe and taken the key with you. Nobody except you has the key to open the safe again, EVER! That’s the idea of end-to-end encryption, it’s that simple!
What is a 256-bit key
Yeah, by the way, your key looks like this!
It’s a long sequence of 1s and 0s. This is actually a 32 bit key. It means there are 32 1s and 0s and they are random.
Here is an illustration of a 128-bit key, long huh? We are not even going to try to illustrate a 256-bit key, it will look like a long string :). Stingle Photos and other secure software use only 256-bit keys.
Why 256 bit keys are secure
So, you may ask, how secure is a 256-bit key? After all, 256 doesn’t seem like a lot, right? You can probably count to 256 in 2-3 minutes, right? The thing is that the number of possible combinations of 256 bits is 2^256. This is a ridiculously large number! Have a look!
This number is bigger than the number of atoms in the perceivable universe. And not by just a little bit either. Exponentially bigger. This number is so big that the human mind can’t comprehend how big it is. It’s just really big. Huge. I can not overstate this enough. This is a very big number. Only a fool would attempt to brute force this many possible combinations.
How keys are generated from passwords
OK, we got this: 256 bits is a lot and it’s impossible to brute force. But wait a minute, you are not entering 256 0s and 1s when you log in to Stingle Photos, right? You are entering a password. So we have to somehow create 256 bits of data from your password. And here comes the Achilles’ heel of the security of every password-based system. Stingle Photos and other well-designed and secure software don’t use the user-provided password as a key directly. They use special algorithms that deliberately slow down key generation, which dramatically slows down any brute-force attempt.
BUT! Security of your data directly depends on the quality of your password. What is quality? It’s the length and whether you have used uppercase letters, special characters and numbers.
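To make the "deliberately slow" key generation and the effect of password quality concrete, here is an added example (not Stingle Photos' code). It uses PBKDF2-HMAC-SHA256 from Python's standard library as a stand-in, since this article does not name the algorithm; the iteration count, salt size and sample passwords are assumptions.

```python
import hashlib
import math
import os
import time

KEY_BYTES = 32        # 256-bit key, the size discussed in the article
ITERATIONS = 200_000  # assumed work factor; this is the deliberate slowdown


def derive_key(password: str, salt: bytes, iterations: int = ITERATIONS) -> bytes:
    """Stretch a password into a 256-bit key. The salt is random but not secret."""
    return hashlib.pbkdf2_hmac(
        "sha256", password.encode("utf-8"), salt, iterations, dklen=KEY_BYTES
    )


def password_bits(length: int, alphabet_size: int) -> float:
    """Search space in bits for a randomly chosen password (an upper bound:
    human-chosen passwords such as 123456 are guessed far sooner)."""
    return length * math.log2(alphabet_size)


def years_to_exhaust(bits: float, seconds_per_guess: float) -> float:
    """Time to try every candidate on one core, one derivation per guess."""
    return (2.0 ** bits) * seconds_per_guess / (365.25 * 24 * 3600)


def seconds_per_derivation(iterations: int = ITERATIONS) -> float:
    """Measure what a single guess costs on this machine."""
    start = time.perf_counter()
    derive_key("timing probe", bytes(16), iterations)
    return time.perf_counter() - start


if __name__ == "__main__":
    salt = os.urandom(16)  # stored next to the encrypted data
    key = derive_key("correct horse battery staple", salt)
    print(f"derived a {len(key) * 8}-bit key: {key.hex()}")

    cost = seconds_per_derivation()
    print(f"one guess costs {cost:.3f} s")
    # Constructed sample password shapes: (label, length, alphabet size)
    for label, length, alphabet in [
        ("6 digits", 6, 10),
        ("8 lowercase letters", 8, 26),
        ("12 chars, upper/lower/digits/symbols", 12, 94),
    ]:
        bits = password_bits(length, alphabet)
        print(f"{label}: {bits:.1f} bits, "
              f"{years_to_exhaust(bits, cost):.3g} years to exhaust")
```

The derived key is always 256 bits, but the work an attacker faces is bounded by the password's search space, not by 2^256.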
Is your password secure?
I would recommend experimenting with Steve Gibson’s Password Haystacks to get a sense of whether your password is secure and which passwords are more secure. No cryptography will save you if your password is “123456”.
As you already know, Stingle Photos uses end-to-end encryption, and you and only you have your key. Your main key is actually protected with your password, so you have to choose a unique and strong password.
With great power comes great responsibility!
Because you and only you have your key, and nobody else in the world will ever be able to decrypt your data without it, you also have the responsibility of not losing that key. If you lose your key, it will be impossible to get your data back. Unlike other services, Stingle Photos doesn’t have password reset by email or anything similar. It’s just impossible.
If you are interested and want more in-depth technical details about Stingle Photos cryptography and construction, you can get all the info in our Security Whitepaper.