Key Transparency allows communicating parties to verify public keys used in end-to-end encryption. [1] In many end-to-end encryption services, to initiate communication a user will reach out to a central server and request the public keys of the user with which they wish to communicate. [2] If the central server is malicious or becomes compromised, a man-in-the-middle attack can be launched and communications can be intercepted and manipulated. [3] Additionally, legal pressure could be applied by surveillance agencies to manipulate public keys and read messages. [2]
With Key Transparency, public keys are posted to a public log that can be universally audited. [4] Communicating parties can verify public keys used are accurate. [4]
Key Transparency allows communicating parties to verify public keys used in end-to-end encryption. [1] In many end-to-end encryption services, to initiate communication a user will reach out to a central server and request the public keys of the user with which they wish to communicate. [2] If the central server is malicious or becomes compromised, a man-in-the-middle attack can be launched and communications can be intercepted and manipulated. [3] Additionally, legal pressure could be applied by surveillance agencies to manipulate public keys and read messages. [2]
With Key Transparency, public keys are posted to a public log that can be universally audited. [4] Communicating parties can verify public keys used are accurate. [4]