Kadix

End-To-End Encryption

End-To-End Encryption (E2EE), or non-certified Point-To-Point Encryption, ensures that data travelling over a network or the internet is securely encrypted from the point of data entry to the point of destination. The originating party encrypts the data, and the receiving party decrypts it. The purpose of end-to-end encryption is to prevent intruders from accessing the data in a usable state.

Technical

Figure 1. End-To-End Encryption extended to include application and database servers.

Common network sniffers include:

  • Wireshark

  • NetMon

If an intruder is able to monitor the connection at an end-point during the encryption key exchange, even HTTPS is compromised.

Data At Rest Limitation

Context: MobileTrust, GuardedID.
In mobile device and desktop environments, keystroke encryption is part of End-To-End Encryption. However, once encrypted keystrokes reach their destination and become data, or 'Data At Rest' in permanent storage, they are decrypted and may be vulnerable regardless of their former encrypted state. Data At Rest encryption software is available; some advanced operating systems and databases have encryption options.

In MobileTrust, Data At Rest is stored in an encrypted back-end database.
