disclaimer: I’m just asking to get understanding of the theory behind network traffic encryption, I know this doesn’t happen irl most likely.
Let’s take https connection for example. I like watching revolutionary things on youtube and do not wish for authorities to know what I am watching, we accept here for the sake of showcase that google won’t sell my watch history if asked (LMAO what am I even saying?).
So if I’m not mistaken since youtube has https implemented, our communication is encrypted, the keys are shared only between me and youtube. But when Youtube shares the key with me/my client the first time, is that also encrypted? Wouldn’t the same question keep getting answered until there is something unencrypted? I know this is a bit too much unlikely, but if ISP automated the process of gathering keys and decrypting web traffic for a certain site with them for all users, would that work for them?
I’m taking https here as an example, while I have the same question for like VPN.
EDIT: Thank you everybody. I am not a member of this community, but every comment was a golden experience to read!
Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.
In this community everyone is welcome to post links and discuss topics related to privacy.
much thanks to @gary_host_laptop for the logo design :)
You are describing symmetric encryption where both parties have the same key. There is something called asymmetric encryption that solves this. Basically you have a public key and a private key. You can give your public key to youtube, they can use that key to encrypt the symmetric key that will be used for the actual communication. The only way to decrypt the symmetric key is by using your private key, which is only known to you. So youtube can safely send it to you so you can decrypt it. Now you both have the same key and nothing was sent unencrypted.
Well your public key was sent unencrypted but that’s fine because of how asymmetric encryption works.