End to End encryption security
Very high security risk context represent a typical scenario for end-to-end encryption.
Usually end-to-end encryption is required by government agencies or small group of “secure” speakers to protect mobile phone calls against wiretapping.
Protection is extremely strong and goes directly from caller mobile phone up to called mobile phones, without any chance for intermediate devices (PBXs, routers, switches, firewalls) to be able to listen to the call.
That’s the strongest security model, called end-to-end encryption and we enforce it with ZRTP protocol.
ZRTP is the open IETF standard voice encryption system invented by Philip Zimmermann that requires human-based verification for the encryption of a call.
To simplify with an example:
End-to-end encryption is a security model where the parties of a communication establish the security directly among them, without trusting the server.
This means that the communication is not only protected against third party, but also against the server own that is not able to record any communication.
For example, a Google Gmail users can send to another Google Gmail users an excel spreadsheet that's encrypted with excel password protection.
In that case Google, even if the data cross their servers to transfer the data between users, cannot access the document because it has been encrypted with a password know only to the sender and the receiver.
