It’s almost impossible to avoid third party eavesdropping during two-person communications via the Internet. Usually, only cryptographic protocols are capable of preventing these situations, but it is rather complicated for software developers to correctly integrate them into applications. That’s why researchers at the TU Darmstadt want to automate encryption.
Generally when two people message each other via the Internet a third party is eavesdropping. To prevent anyone else from reading it, they put a secret code that only two of them will be able to decipher. If someone else tries to read this conversation, they will see nothing but strange symbols that cannot be deciphered without the key, but this encryption does not prevent the third party from being involved. The secret code which helps to keep the conversation secure was actually generated by a spy which sent it to both participants by pretending to be the other one in each case. He can read all of their messages and, even ask for an important information, as they already feel safe. The idea of public key/private key encryption was that individuals and businesses can encrypt data but the key was held by the government that would be able to decrypt data when needed.
One of the justifications for this method of encryption was to prevent possible terrorist attacks, but as we see, holding encryption keys have not helped a lot during these years. Most of the time law-enforcement’s focus on unlocking encrypted data doesn’t help.
When we use apps, send emails, use messenger services and whenever sensitive data is involved the cryptography and encryption protocols are used and we usually don’t notice it. For example, you visit an online shop, and not only your browser but also the online shop automatically generate a unique key that is used to mathematically encrypt the order or bank details so that a third party cannot do anything useful with the data without the key.
Nowadays, data encryption is high priority, because we spend so much time using the internet during our day. If the designer of an encryption protocol implements it correctly the encryption protocols ensure a certain level of security. That is why application developers have to use and integrate it correctly into their code.