Cryptography
encryption tls meet-in-the-middle-attack
Updated Wed, 29 Jun 2022 21:13:05 GMT

Why doesn't TLS provide E2EE?


Why doesn't TLS provide end-to-end encryption?

This question is somewhat related to this, this and this. If you want to talk to someone, say, through Facebook, the TLS connection ends at the Facebook server and they may be able to read it before re-encrypting it and sending it to the intended recipient. This seems a little off to me. Assuming the only thing Facebook needs to forward the message is the metadata, which is not encrypted anyway, why does TLS enable them to decrypt the message?




Solution

TLS encrypts a channel, and that channel is between your browser or app and the Facebook server. You do not have a TLS connection to the friend you are sending a message to. There are messaging protocols that do support end-to-end encryption, but Facebook's is not one of them and TLS doesn't really come into it.
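The key-holding difference the answer describes, as an added example that is not part of the original answer. It simulates the two designs offline: "transport only", where the relay terminates one channel and opens another, versus "end to end", where Alice and Bob share a key the relay never receives and the transport channels merely wrap the already-encrypted message. The cipher is a constructed encrypt-then-MAC toy built from HMAC-SHA256 standing in for the AEAD that TLS actually negotiates, and the channel keys are simply generated with `secrets.token_bytes` instead of coming from a handshake; both are assumptions made so the script runs with only the standard library, and neither is TLS.

```python
import hashlib
import hmac
import secrets

# Constructed toy AEAD: HMAC-SHA256 in counter mode as a keystream, plus an
# HMAC tag over nonce||ciphertext. Stand-in for TLS's AES-GCM/ChaCha20-Poly1305;
# the point is who holds the key, not the cipher. Not for real use.

NONCE_LEN = 16
TAG_LEN = 32


def _keystream(key: bytes, nonce: bytes, length: int) -> bytes:
    out = b""
    counter = 0
    while len(out) < length:
        out += hmac.new(key, nonce + counter.to_bytes(4, "big"), hashlib.sha256).digest()
        counter += 1
    return out[:length]


def _subkeys(key: bytes):
    # Separate encryption and MAC keys derived from one channel/session key.
    return (hashlib.sha256(b"enc" + key).digest(),
            hashlib.sha256(b"mac" + key).digest())


def seal(key: bytes, plaintext: bytes) -> bytes:
    """Return nonce || ciphertext || tag for one message on one channel."""
    enc_key, mac_key = _subkeys(key)
    nonce = secrets.token_bytes(NONCE_LEN)
    ct = bytes(p ^ k for p, k in zip(plaintext, _keystream(enc_key, nonce, len(plaintext))))
    tag = hmac.new(mac_key, nonce + ct, hashlib.sha256).digest()
    return nonce + ct + tag


def open_box(key: bytes, blob: bytes) -> bytes:
    """Verify the tag, then decrypt. Raises ValueError on any modification."""
    enc_key, mac_key = _subkeys(key)
    nonce, ct, tag = blob[:NONCE_LEN], blob[NONCE_LEN:-TAG_LEN], blob[-TAG_LEN:]
    expected = hmac.new(mac_key, nonce + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        raise ValueError("authentication failed")
    return bytes(c ^ k for c, k in zip(ct, _keystream(enc_key, nonce, len(ct))))


def transport_only(message: bytes):
    """Hop-by-hop: Alice<->relay and relay<->Bob are two separate channels,
    both terminated at the relay, so the relay holds the plaintext in between.
    Returns (what the relay can read, what Bob receives)."""
    k_alice_relay = secrets.token_bytes(32)  # assumption: stands for the Alice/relay TLS session key
    k_relay_bob = secrets.token_bytes(32)    # assumption: stands for the relay/Bob TLS session key
    wire_1 = seal(k_alice_relay, message)
    seen_by_relay = open_box(k_alice_relay, wire_1)   # channel 1 ends here
    wire_2 = seal(k_relay_bob, seen_by_relay)         # fresh channel to Bob
    received = open_box(k_relay_bob, wire_2)
    return seen_by_relay, received


def end_to_end(message: bytes):
    """E2EE layered on top of the same two transport channels. Only Alice and
    Bob hold k_ab, so the relay strips its transport layer and sees ciphertext.
    Returns (what the relay can read, what Bob receives)."""
    k_ab = secrets.token_bytes(32)           # assumption: agreed by Alice and Bob out of the relay's reach
    k_alice_relay = secrets.token_bytes(32)
    k_relay_bob = secrets.token_bytes(32)
    inner = seal(k_ab, message)              # end-to-end layer
    wire_1 = seal(k_alice_relay, inner)      # transport layer, hop 1
    seen_by_relay = open_box(k_alice_relay, wire_1)   # relay gets only `inner`
    wire_2 = seal(k_relay_bob, seen_by_relay)         # transport layer, hop 2
    received = open_box(k_ab, open_box(k_relay_bob, wire_2))
    return seen_by_relay, received


def relay_tamper_detected(message: bytes) -> bool:
    """With E2EE the relay cannot silently rewrite the message either:
    flipping a byte of the inner ciphertext fails Bob's tag check."""
    k_ab = secrets.token_bytes(32)
    inner = bytearray(seal(k_ab, message))
    inner[NONCE_LEN] ^= 0x01                  # relay modifies one ciphertext byte
    try:
        open_box(k_ab, bytes(inner))
    except ValueError:
        return True
    return False


if __name__ == "__main__":
    msg = b"meet at 9"
    print("transport only, relay sees:", transport_only(msg)[0])
    print("end to end,     relay sees:", end_to_end(msg)[0].hex())
    print("tamper by relay detected:", relay_tamper_detected(msg))
```

Running it shows the relay printing the plaintext in the first design and an opaque blob in the second, even though both designs use identical transport channels. That is the whole distinction: TLS secures each hop, and end-to-end encryption is a separate layer whose key never reaches the hop endpoints.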