What is the difference between normal chat and e2e encryption in practice ?

Mintou

Hello,
I live in a country where only Skype is allowed and where VPN is not an option for vast majority of people. Using normal chats in Skype is already encrypted, but Skype also offers end to end encrypted chats. I am curious to know what is the different, does non-e2e chats are accessible by any middle man who has access to my network (basically the government) ? What is the real advantage of using e2e over normal chats, more than a) Microsoft not being able to access my chats for telemetry b) the chat staying between the two devices only, meaning that if accounts get hacked the hacker won't access the e2e encrypted chats...
Is there any other advantages more than the two said above ?
Beat regards.

[deleted]

Mintou

zero knowledge e2ee means that no one in the world can read your encrypted messages except you and the person you send it to. Not the government, not the proivder whose platform you are using, not the internet service provider, no one. That means if your messages are intercepted by a MITM attack, all they will see is unreadable cypher text.

There are exceptions to defeating this (spyware, etc), but this is the purpose of using e2ee.

final

End-to-End encrypted communications cannot be read by the communications provider (in your example, Microsoft), while normal communications with transport encryption like Skype could be read by the provider if they chose to. Typically governments would only see your communications if they had a co-operation with Microsoft that would disclose your messages or if they were reading your communications from a different channel like getting access of the device you are performing the communications onto.

The best advantages of End-to-End encrypted chats is the two things that you mentioned already. A third advantage is that end-to-end encrypted communications cannot be tampered with as the provider only sees encrypted data that it cannot decrypt and change.

E2EE will count for message contents, but possibly not count for metadata like the length of a communication, good example of what metadata could infer is written here: https://ssd.eff.org/module/why-metadata-matters

bookreader

final Just to add to what you said, end to end encryption is only secure if nobody else has access to the keys. For something like skype, you should ASSUME that M$ does have the keys. In addition, its only as good as the cypher being used, so if they're saying E2EE, but employ an ROT cypher or similar nonsense, its as good as cleartext against anyone but the most inexperienced hacker.

missing-root

Damn what country is that? Why are VPNs no option, why can you access this website but not SimpleX or something?

Did you hear of Deltachat? It works over mail which may not be blocked, and also has E2EE.

Also try to get the orbot app and maybe use a snowflake proxy. I have no idea how a Government would block messengers.

Why E2EE is important should be obvious. I also wouldnt trust Microsoft or Whatsapp on those claims.

Mintou

Hello

[deleted]
If normal chats (non-e2e chats( are intercepted by MITM attack, what do they see exactly ?

Panda-na

[deleted]

Don't forget that backups of the message data can be unencrypted. For example if you backup your data in Whatsapp, the default is to save it to your Google Account/Cloud in an unencrypted form (eventhough the drive itself is encrypted). It's the same for Apples iMessage, all the backups is accsessible to you and Apple.

[deleted]

Mintou
Encyption turns plaintext into cipher text.

An intercepted plaintext message would like this:
"Hello how are you today?"

An intercepted ciphertext message would look like this:
"jhhrefg54904fjgdnit94340ofhng59iyhjg"

https://proton.me/blog/what-is-encryption

[deleted]

Panda-na

Not an issue because you shouldn't be using a Google or Apple spyware product in the first place. Good knowledge to know though!