The present invention relates to a method performed by at least one server for processing a data packet from a first computing device to a second computing device to permit end-to-end encryption communication, and a corresponding system.
Presently, certain messaging solutions perform two different encryption-decryption methods. Consider, for example, a scenario where a server is arranged between two computing devices, a sender and a recipient, in a communication network. The sender encrypts a message using a randomly generated symmetric key. The sender then encrypts the symmetric key using the server's public key, and thereafter transmits a data package, comprising the encrypted message and the encrypted symmetric key, to the server. The server decrypts the encrypted symmetric key using its own private key, re-encrypts the symmetric key with the recipient's public key, and forwards the re-formatted data package to the recipient. It will be appreciated that, since the server has the symmetric key, the server is then able to access the encrypted message. On receiving the data package, the recipient decrypts the encrypted symmetric key with its own private key to retrieve the symmetric key, which is used to decrypt the encrypted message. In such a scenario, the server has a copy of the symmetric key and is able to decrypt the encrypted message for audit purposes or for archival of the decrypted message. However, this is not considered true end-to-end encryption communication, since the server has access to the content of the message.
In other conventional implementations, the server may be configured to generate a new symmetric key, re-encrypt the message with the new symmetric key, and encrypt the new symmetric key with the recipient's public key. In this situation, the server nonetheless still has access to the encrypted message and thus also does not enable true end-to-end encryption communication.
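The key re-wrapping relay of the first scenario can be modelled as follows; this is an added example, not part of the original text. The function names, the fixed toy keys and the two stand-in primitives (textbook RSA over known Mersenne primes, and a SHA-256 keystream XOR) are assumptions chosen so the sketch runs with the standard library only, and they are not secure.

```python
import hashlib, secrets

E = 65537  # public exponent shared by both toy key pairs

def toy_rsa_keypair(p, q):
    """Textbook RSA from two known primes (toy stand-in, not secure)."""
    n = p * q
    return (n, E), (n, pow(E, -1, (p - 1) * (q - 1)))

def wrap(pub, sym_key):
    n, e = pub
    return pow(int.from_bytes(sym_key, "big"), e, n)

def unwrap(priv, wrapped):
    n, d = priv
    return pow(wrapped, d, n).to_bytes(32, "big")

def stream_xor(sym_key, data):
    """SHA-256 counter keystream XOR (toy stand-in for a real cipher)."""
    out = bytearray()
    for i in range(0, len(data), 32):
        block = hashlib.sha256(sym_key + i.to_bytes(8, "big")).digest()
        out += bytes(a ^ b for a, b in zip(data[i:i + 32], block))
    return bytes(out)

# Constructed toy keys built from publicly known Mersenne primes.
SERVER_PUB, SERVER_PRIV = toy_rsa_keypair(2**521 - 1, 2**607 - 1)
RECIP_PUB, RECIP_PRIV = toy_rsa_keypair(2**127 - 1, 2**521 - 1)

def sender_send(message):
    sym_key = secrets.token_bytes(32)  # randomly generated symmetric key
    return {"ct": stream_xor(sym_key, message), "wrapped": wrap(SERVER_PUB, sym_key)}

def server_relay(package):
    sym_key = unwrap(SERVER_PRIV, package["wrapped"])    # server now holds the key
    seen_by_server = stream_xor(sym_key, package["ct"])  # so it can read the message
    forwarded = {"ct": package["ct"], "wrapped": wrap(RECIP_PUB, sym_key)}
    return forwarded, seen_by_server

def recipient_receive(package):
    sym_key = unwrap(RECIP_PRIV, package["wrapped"])
    return stream_xor(sym_key, package["ct"])

def demo(message=b"constructed sample message"):
    forwarded, seen_by_server = server_relay(sender_send(message))
    return recipient_receive(forwarded), seen_by_server
```

Both values returned by `demo` equal the sender's plaintext: the relay step cannot re-wrap the symmetric key for the recipient without first holding it in the clear.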
One object of the present invention is therefore to address at least one of the problems of the prior art and/or to provide a choice that is useful in the art.