Click here to visit Original posting
- Surfshark is looking to improve the privacy of current end-to-end encryption with a new patent
- The plan is currently based on distributed trust-based communication frameworks
- Despite this, Surfshark says its approach differs from the likes of NymVPN and ObscuraVPN
Surfshark has just registered a new patent looking to improve the privacy of current end-to-end encryption (E2E) systems.
Based on a distributed trust-based communication infrastructure, Surfshark's proposed method seeks to reduce the amount of visible metadata – meaning all the data that isn't the content – by splitting the encryption process between two separate VPN providers.
Better metadata privacy
Encryption refers to the scrambling of data into an unreadable form and is the technical solution born to protect these online activities.
End-to-end encryption (E2E) is the tech used by virtual private networks (VPNs), some secure email services, and messaging platforms to ensure the content of the message remains private between the sender and the receiver.
A lot of metadata is still visible to the provider
Karolis Kaciulis, Surfshark
Yet, Surfshark's Lead System Engineer, Karolis Kaciulis believes that it's time to go beyond E2E.
He told TechRadar: "After the emergence of E2E encryption, we feel that the topic of user anonymity and security while using various messaging systems and technologies has stagnated. We believe there is still room for improvement."
The main issue with today's encrypted messages, Kaciulis explains, is that while these messages cannot be accessed by unwanted third parties, "a lot of metadata is still visible to the provider."
Metadata includes details such as who sent a message to whom, when the message was sent, the size of the message, and many others.
This is where Surfshark's new patent comes in. Based on a distributed trust-based communication framework, it seeks to introduce a new way for VPN providers to handle encryption and de-centralize the ownership of the message.
Such a framework would involve two different VPN companies handling the encryption process so that no single entity has all the information in its entirety.
"The patented method would ensure that the information is split," said the patent inventor. "Thus, the metadata seen by the provider companies (as well as governments where they reside) is reduced."
Don't call it decentralized VPN
It's worth mentioning that some providers already offer decentralized VPN solutions that split users' information between several entities without having a single point of governance.
For example, the newly launched NymVPN is built on a decentralized server network run by anonymous users across the world. Obscura VPN employs a two-party VPN structure, using Mullvad's WireGuard VPN as an exit hop.
Kaciulis, however, thinks that Surfshark's patent goes beyond what a decentralized VPN stands for.
"Personally, I believe that today 'decentralized VPN' is a little bit of a buzzword used to convince users that it’s a better solution than the status quo. The Internet is built on trust and authority, and losing said authority only makes it less safe," Kaciulis told TechRadar.
Therefore, this solution comes as a way to emphasise the importance of having even more authority. "It’s just that the authority is shared between multiple actors instead of one."