DISCLAIMER: I don't know how FB does things. I'm extrapolating from my own knowledge of security protocols here.
bluemoon wrote:
However, to enable multiple terminals to decrypt the same message, you have to transport the root private key from A to B, as getting the private key is the only way to deduce the AES key (in theory). However, there is no way you can transport a key without risking MITM. Maybe the server is trusted in such a scenario.
Having the server / user account hold the "secret" key is one way to do it, yes. It's probably what's being done.
The alternative would be to have a secret key on each device, and merely use the active FB login to encode some little "secret". Like, yes, the holder of this secret key is also legitimately logged in to this Facebook account, so please share {shared key} with me so I can participate.
(End-to-end encryption doesn't mean ONE end to ONE end, it just means that the message remains encrypted until received.)
That would only be marginally more secure than having the server hold the secret key, though. After all, you want anybody able to log in to your Facebook account to send / receive messages, as logging in to Facebook should only be possible for you. Nobody else has the password, right?
Right?
(WhatsApp, for example, does allow you to authenticate a web browser to use web.whatsapp.com -- but only after you have authenticated the browser's access with your phone via QR code. And you can always revoke that permission from your phone.)
If that is not enough security for you... there's always PGP / GnuPG. Encode the message with the recipient's public key and send *that* over FB messenger... or mail... or {whatever}.
Or, even better, use a one-time pad. That one's not crackable; of course you have to rely on some means of sharing the pad and keeping it between the two of you...
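The "secret key on each device" design from the reply above, and the "encrypt to the recipient's public key" idea in the PGP paragraph, boil down to the same primitive: wrap a symmetric conversation key to a device's public key, and let the server relay the opaque blob. The following is an added example written for this thread (not code from the forum post, from Facebook, or from WhatsApp); it assumes X25519 for the device keys, AES-256-GCM for both the key wrap and the chat messages, and a SHA-256 hash with a fixed label as a stand-in for a proper KDF. A third device (standing in for the server) holds the blob but cannot unwrap it.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/ecdh"
	"crypto/rand"
	"crypto/sha256"
	"errors"
	"fmt"
)

// Device is one logged-in endpoint (phone, laptop, ...). Its private key is
// generated on the device and never uploaded anywhere.
type Device struct {
	Name string
	priv *ecdh.PrivateKey
}

// NewDevice creates a device with a fresh X25519 key pair.
func NewDevice(name string) (*Device, error) {
	priv, err := ecdh.X25519().GenerateKey(rand.Reader)
	if err != nil {
		return nil, err
	}
	return &Device{Name: name, priv: priv}, nil
}

// PublicKey is the only part of the device key that is published via the server.
func (d *Device) PublicKey() []byte { return d.priv.PublicKey().Bytes() }

// WrappedKey is the opaque blob the server relays between devices.
type WrappedKey struct {
	EphemeralPub []byte // sender's one-time X25519 public key
	Nonce        []byte // AES-GCM nonce
	Ciphertext   []byte // conversation key encrypted under the derived wrap key
}

// gcm builds an AES-GCM AEAD from a 16/24/32-byte key.
func gcm(key []byte) (cipher.AEAD, error) {
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	return cipher.NewGCM(block)
}

// wrapKey derives a 256-bit key from the ECDH shared secret (assumed labelled
// hash in place of HKDF; the label domain-separates this use of the secret).
func wrapKey(shared []byte) []byte {
	h := sha256.New()
	h.Write([]byte("device-key-wrap-v1"))
	h.Write(shared)
	return h.Sum(nil)
}

// WrapFor encrypts convKey so that only the holder of the private key matching
// recipientPub can recover it. The relaying server never sees convKey.
func WrapFor(recipientPub, convKey []byte) (*WrappedKey, error) {
	curve := ecdh.X25519()
	pub, err := curve.NewPublicKey(recipientPub)
	if err != nil {
		return nil, err
	}
	eph, err := curve.GenerateKey(rand.Reader) // fresh key per wrap
	if err != nil {
		return nil, err
	}
	shared, err := eph.ECDH(pub)
	if err != nil {
		return nil, err
	}
	aead, err := gcm(wrapKey(shared))
	if err != nil {
		return nil, err
	}
	nonce := make([]byte, aead.NonceSize())
	if _, err := rand.Read(nonce); err != nil {
		return nil, err
	}
	ephPub := eph.PublicKey().Bytes()
	// Bind the ephemeral public key as associated data so it cannot be swapped in transit.
	ct := aead.Seal(nil, nonce, convKey, ephPub)
	return &WrappedKey{EphemeralPub: ephPub, Nonce: nonce, Ciphertext: ct}, nil
}

// Unwrap recovers the conversation key; GCM authentication fails for any device
// whose private key does not match the public key the blob was wrapped for.
func (d *Device) Unwrap(w *WrappedKey) ([]byte, error) {
	ephPub, err := ecdh.X25519().NewPublicKey(w.EphemeralPub)
	if err != nil {
		return nil, err
	}
	shared, err := d.priv.ECDH(ephPub)
	if err != nil {
		return nil, err
	}
	aead, err := gcm(wrapKey(shared))
	if err != nil {
		return nil, err
	}
	return aead.Open(nil, w.Nonce, w.Ciphertext, w.EphemeralPub)
}

// SealMessage encrypts a chat message under the shared conversation key; the
// nonce is prepended to the ciphertext.
func SealMessage(convKey, msg []byte) ([]byte, error) {
	aead, err := gcm(convKey)
	if err != nil {
		return nil, err
	}
	nonce := make([]byte, aead.NonceSize())
	if _, err := rand.Read(nonce); err != nil {
		return nil, err
	}
	return aead.Seal(nonce, nonce, msg, nil), nil
}

// OpenMessage reverses SealMessage.
func OpenMessage(convKey, blob []byte) ([]byte, error) {
	aead, err := gcm(convKey)
	if err != nil {
		return nil, err
	}
	if len(blob) < aead.NonceSize() {
		return nil, errors.New("message too short")
	}
	n := aead.NonceSize()
	return aead.Open(nil, blob[:n], blob[n:], nil)
}

func main() {
	phone, _ := NewDevice("phone")
	laptop, _ := NewDevice("laptop")
	server, _ := NewDevice("server") // only relays blobs, never a legitimate recipient
	_ = phone
	convKey := make([]byte, 32)
	rand.Read(convKey)
	w, _ := WrapFor(laptop.PublicKey(), convKey) // phone wraps key for the new laptop
	_, serverErr := server.Unwrap(w)
	got, _ := laptop.Unwrap(w)
	blob, _ := SealMessage(convKey, []byte("hello from the phone"))
	pt, _ := OpenMessage(got, blob)
	fmt.Printf("server can unwrap: %v; laptop reads: %q\n", serverErr == nil, pt)
}
```

The trust question the reply raises still stands: WrapFor takes a public key from somewhere, and if the server is the one handing out device public keys, it can substitute its own. That is exactly what WhatsApp's QR step addresses: the phone verifies the browser's key out of band before wrapping anything for it.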