Fingerprint end-to-end encryption
Improved endpoint security using FE2EE
🔑 What is E2EE?
According to Wikipedia End-to-end encryption (E2EE) is a system of communication where only the communicating users can read the messages. In principle, it prevents potential eavesdroppers — including telecom providers, Internet providers, and even the provider of the communication service — from being able to access the cryptographic keys needed to decrypt the conversation.
💡 What is FE2EE?
FE2EE stands for Fingerprint end-to-end encryption It’s just a made up term based on my idea on how we could improve end-to-end encryption or at least the authentication around end-to-end encryption.
In a nutshell: applications should allow users to switch on FE2EE. After that, a fingerprint scan is required to authenticate that the receiver is the owner of the device and thus is authorized to read the contents of that message.
🛠 A good way to implement FE2EE?
Existing applications should be able to keep their current E2EE techniques/features the fingerprint only adds a level of authentication. And must be enabled throughout the settings panel of the application (so you can opt-in if you want).
After the authenticity of the user is validated. The user should have the possibility to edit the level of (re)authentication. I can imagine a user would just want to receive an authentication request on app start or maybe before each message.
Note: This is just an idea on how to implement it if you think there’s a better/safer/easier way, please share it.
📱 How could FE2EE be used on my phone?
Some iOS and Android devices can do fingerprint scans (a biometric scanner module on your device is required). It allows the devices to perform the most secure security check to date.
Note: Although fingerprint scanning has already be hacked a couple of times by the Chaos Computer Club it’s still much safer than a passcode or pattern.
✏️ Share you toughts
Please share your toughs below, tweet me or send me an email. Also if you have some constructive feedback on my writings please, reach out to me.
If you enjoyed reading this article, it would mean a lot if you recommend it using the ❤ ️ icon, follow me and share the story with your colleagues and friends. Also follow me on twitter @0x1ad2 and feel free to ask me anything.