Until recently, end-to-end encryption (E2EE) was the sole domain of the tech-savvy because of the complicated operations required to use it.
However, recent technological advances have made end-to-end encryption much easier to use and more accessible.
In this article, we will explain what end-to-end encryption is and what advantages it offers over regular encryption.
What is end-to-end encryption (E2EE)?
When you use E2EE to send an email or a message to someone, no one monitoring the network can see the content of your message — not hackers, not the government, and not even the company (e.g. ProtonMail and Telegram) that facilitates your communication.
This differs from the encryption that most companies already use, which only protects the data in transit between your device and the company’s servers.
For example, when you send and receive an email using a service that does not provide E2EE, such as Gmail or Hotmail, the company has the ability to access the content of your messages because they also hold the encryption keys.
E2EE eliminates this possibility because the service provider does not actually possess the decryption key.
Because of this, E2EE is much stronger than standard encryption.
How does end-to-end encryption work?
To understand how E2EE works, it helps to look at a diagram. In the example below, Bob wants to say hello to Alice in private.
Alice has a public key and a private key, which are two mathematically related encryption keys.
The public key can be shared with anyone, but only Alice has the private key.
First, Bob uses Alice’s public key to encrypt the message, turning “Hello Alice” into something called ciphertext — scrambled, seemingly random characters.
Bob sends this encrypted message over the public internet.
Along the way, it may pass through multiple servers, including those belonging to the email service they’re using and to their internet service providers.
Although those companies may try to read the message (or even share it with third parties), it is impossible for them to convert the ciphertext back into readable plaintext.
Only Alice can do that with her private key when it lands in her inbox, as Alice is the only person that has access to her private key.
When Alice wants to reply, she simply repeats the process, encrypting her message to Bob using Bob’s public key.
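The Bob-and-Alice exchange above as runnable code. This is an added example, not part of the original article: it assumes Node.js's built-in crypto module with RSA-OAEP as the public-key scheme, and `newUser`, `seal`, `open` and `makeProvider` are names invented for the illustration.

```javascript
const crypto = require('crypto'); // added example; helper names are illustrative

const OAEP = { padding: crypto.constants.RSA_PKCS1_OAEP_PADDING, oaepHash: 'sha256' };

// Each user creates a key pair on their own device; only the public half is published.
function newUser(name) {
  const { publicKey, privateKey } = crypto.generateKeyPairSync('rsa', { modulusLength: 2048 });
  return { name, publicKey, privateKey };
}

// Sender side: encrypt to the recipient's PUBLIC key. RSA-OAEP only fits short
// messages (about 190 bytes here); real systems wrap a symmetric key this way.
function seal(recipientPublicKey, text) {
  return crypto.publicEncrypt({ key: recipientPublicKey, ...OAEP }, Buffer.from(text, 'utf8'));
}

// Recipient side: only the matching PRIVATE key recovers the plaintext.
function open(privateKey, ciphertext) {
  return crypto.privateDecrypt({ key: privateKey, ...OAEP }, ciphertext).toString('utf8');
}

// The provider stores and forwards envelopes. It holds its own key pair
// (as it would for TLS) but never a user's private key.
function makeProvider() {
  const own = newUser('provider');
  const mailbox = [];
  return {
    mailbox,
    relay(to, ciphertext) { mailbox.push({ to, ciphertext }); return ciphertext; },
    // What a curious or compelled provider can attempt with the keys it has.
    tryToRead(ciphertext) {
      try { return open(own.privateKey, ciphertext); } catch (e) { return null; }
    },
  };
}

function demo() {
  const alice = newUser('alice'), bob = newUser('bob'), provider = makeProvider();
  const toAlice = provider.relay('alice', seal(alice.publicKey, 'Hello Alice'));
  const reply = provider.relay('bob', seal(bob.publicKey, 'Hello Bob'));
  return {
    aliceReads: open(alice.privateKey, toAlice),
    bobReads: open(bob.privateKey, reply),
    providerReads: provider.tryToRead(toAlice),
    plaintextOnServer: provider.mailbox.some(m => m.ciphertext.includes('Hello')),
  };
}

console.log(demo());
```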
Why We Need End-to-End Encryption for Online Communications
End-to-End Encryption ensures that all data is encrypted at all times, not just in transit and at rest.
A massive amount of online data is being sent, shared, and stored, and end-to-end encryption prevents unwanted access by keeping all messages encrypted from the sender’s end to the receiver’s end, without any encryption gaps along the way.
Otherwise, in addition to hackers, the service providers and online applications hosting conversations can access and collect data.
Users today rely on online communication platforms that are not always secure: some are not sufficiently end-to-end encrypted, giving hackers more opportunities to gain access to data and leak sensitive information.
Statista.com shows us the most popular mobile messaging apps being used in the world (based on monthly active users).
Facebook Messenger, for example, is the second most popular messaging platform, and its encrypted messages are only secure while they are en route between a user’s device and the company servers where they are stored.
This means Facebook might have to hand over private messages if required by law.
With billions of online communication users, there are bound to be more instances of hacks, leaks and privacy infringements.
We’ve seen this with celebrities who have been victimized by hackers that exposed private pictures or private conversations that were exchanged by email or stored online, such as in iCloud.
What are asymmetric and symmetric encryption?
Symmetric encryption, the more conventional mode of encryption, uses the same key to encode and decode information.
Asymmetric encryption utilizes two keys to unlock encrypted information.
This is a newer, more complex version of encryption, with a public and a private key.
The public key is in fact public, so anyone can use it to encrypt a message to the owner, but the private key is kept secret by its owner.
Advantages of end-to-end encryption services
There are several advantages of E2EE over the standard encryption that most services utilize:
It keeps your data safe from hacks
E2EE means fewer parties have access to your unencrypted data.
Even if hackers compromise the servers where your data is stored (e.g. Yahoo mail hack), they cannot decrypt your data because the service provider does not possess the decryption keys.
It keeps your data private
If you use Gmail, Google can know every intimate detail you put in your emails, and it can save your emails even if you delete them.
E2EE gives you control over who reads your messages.
It’s good for democracy
Everyone has the right to privacy.
E2EE protects free speech and shields persecuted activists, dissidents, and journalists from intimidation.
Do I really need End-to-End Encryption?
End-to-End Encryption is an additional protection layer that you can add and use to protect your data and keep it private.
End-to-End Encryption is useful not only for that; it is also used to encrypt messages on platforms like Telegram and Signal.
Why do you need to keep your data secure?
Data security is essential to protecting customers’ private information such as passwords, debit or credit card information, mailing addresses, or birthdays.
Data security measures — such as using products and services that employ encryption — mitigate the risk of a breach.
A study by the U.S. National Cyber Security Alliance found that 60 percent of all small businesses that suffer a cyber attack go out of business within six months of the breach.
Financial difficulties are often fallout from a data breach — it takes money to recover, but also often customers are slow to come back.
Can End-to-End Encryption be hacked?
End-to-end encryption is regarded as safer because it reduces the number of parties who might be able to interfere or break the encryption.
In the case of instant messaging, users may use a third-party client to implement an end-to-end encryption scheme over an otherwise non-E2EE protocol.
Is End-to-End Encryption safe?
Encryption converts data into ciphertext, preventing hackers from accessing it in most cases.
Though they certainly can try to bypass it, it could take several years if you’re using 256-bit AES encryption.
Unless you’re a person of extreme interest, it’s unlikely any hacker is going to spend time even trying.
WhatsApp's End-to-End Encryption
According to a WhatsApp FAQ:
WhatsApp end-to-end encryption ensures only you and the person you’re communicating with can read what’s sent, and nobody in between, not even WhatsApp.
Your messages are secured with locks, and only the recipient and you have the special keys needed to unlock and read your messages.
Can Police Track WhatsApp messages?
Police cannot easily retrieve WhatsApp messages directly because WhatsApp uses end-to-end encryption, but below are the widely adopted methods used by police and forensic departments if they have physical access to your mobile phone.
WhatsApp doesn’t decrypt or share the message contents as of Jan 2020.
Facebook Messenger's End-to-End Encryption
According to Pingdrop:
The company is now testing an option called “secret conversations” for Messenger, which will enable the end-to-end encryption capability.
However, the encryption option is not turned on by default.
Discord End-to-End Encryption
Discord End-to-End encryption: a script developed to encrypt your messages on the client side before sending them to a Discord channel.
This way, Discord only sees encrypted data and cannot decrypt it without the secret key.
Of course, users should also have this script and the secret key to decrypt the data.
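The symmetric, shared-key model described earlier is what a client-side script like this relies on. The following is an added example, not the code of the script described above: it assumes Node.js's built-in crypto module, AES-256-GCM with a key derived by scrypt from the shared secret, and a hypothetical `e2e:` prefix; every function name is invented for the illustration.

```javascript
const crypto = require('crypto'); // added example; names and message format are hypothetical

const PREFIX = 'e2e:'; // hypothetical marker so clients can recognise encrypted posts

// Every member derives the same 256-bit key from a secret shared out of band.
// Constructed fixed salt, so the passphrase alone determines the key.
function keyFromSecret(secret) {
  return crypto.scryptSync(secret, 'constructed-channel-salt', 32);
}

// Runs on the sender's machine, before anything reaches the chat platform.
function encryptForChannel(key, text) {
  const nonce = crypto.randomBytes(12); // must never repeat under the same key
  const cipher = crypto.createCipheriv('aes-256-gcm', key, nonce);
  const ct = Buffer.concat([cipher.update(text, 'utf8'), cipher.final()]);
  return PREFIX + Buffer.concat([nonce, cipher.getAuthTag(), ct]).toString('base64');
}

// Runs on each reader's machine. Returns null when the key is wrong or the
// post was modified, because the GCM tag check fails in both cases.
function decryptFromChannel(key, post) {
  if (!post.startsWith(PREFIX)) return post; // ordinary unencrypted post
  const raw = Buffer.from(post.slice(PREFIX.length), 'base64');
  if (raw.length < 28) return null; // too short to hold nonce + tag
  const decipher = crypto.createDecipheriv('aes-256-gcm', key, raw.subarray(0, 12));
  decipher.setAuthTag(raw.subarray(12, 28));
  try {
    return Buffer.concat([decipher.update(raw.subarray(28)), decipher.final()]).toString('utf8');
  } catch (e) {
    return null;
  }
}

function channelDemo() {
  const shared = keyFromSecret('constructed shared secret');
  const post = encryptForChannel(shared, 'meet at 6'); // this string is all the platform stores
  return {
    platformSeesPlaintext: post.includes('meet at 6'),
    memberReads: decryptFromChannel(shared, post),
    outsiderReads: decryptFromChannel(keyFromSecret('wrong guess'), post),
  };
}

console.log(channelDemo());
```

Because one symmetric key is shared by every member, anyone who obtains it can read all past and future posts encrypted under it, which is the trade-off against the per-user key pairs used earlier.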
What are other methods to keep your data safe?
Beyond E2EE, there are other types of data encryption:
- Secure Sockets Layer (SSL) is the more modern version of Transport Layer Security (TLS), and it’s the standard for protecting data on the web. You’ll see URLs that start with https:// instead of http://. The extra “s” stands for “secure.” This layer of security helps protect your business at a very high level on your website, and also signals to customers that you are protecting them.
- Tokenization means you’re substituting a sensitive data element with a non-sensitive equivalent, referred to as a token. The token has no meaning or value; it just helps map you back to the sensitive data. This helps keep your business safe because it is harder for hackers to define the token since it has no meaning or value.
- An elliptic curve integrated encryption scheme (ECIES) is a system that independently derives a bulk encryption key and a MAC (message authentication code) key from a “common secret.” The data is encrypted under a symmetric cipher. Then the cipher is encrypted under a MAC.
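An ECIES-style construction as runnable code, added here as an example and not taken from the article or from any standard's exact encoding. The curve (P-256), HKDF-SHA256, AES-256-CTR and HMAC-SHA256 are assumed choices, the function names are invented, and the MAC here authenticates the ciphertext so that tampering is detected before decryption.

```javascript
const crypto = require('crypto'); // added example; algorithm choices are assumptions

const CURVE = 'prime256v1'; // assumption: P-256, the article names no curve

// Derive two independent keys from the ECDH "common secret" with HKDF-SHA256.
function deriveKeys(sharedSecret, ephPub) {
  const okm = Buffer.from(crypto.hkdfSync('sha256', sharedSecret, ephPub, 'ecies-demo', 64));
  return { encKey: okm.subarray(0, 32), macKey: okm.subarray(32) };
}

function newRecipient() {
  const ecdh = crypto.createECDH(CURVE);
  ecdh.generateKeys();
  return ecdh;
}

function eciesEncrypt(recipientPublic, plaintext) {
  const eph = crypto.createECDH(CURVE); // fresh key pair for every message
  const ephPub = eph.generateKeys();
  const { encKey, macKey } = deriveKeys(eph.computeSecret(recipientPublic), ephPub);
  const iv = crypto.randomBytes(16);
  const cipher = crypto.createCipheriv('aes-256-ctr', encKey, iv);
  const ct = Buffer.concat([cipher.update(plaintext, 'utf8'), cipher.final()]);
  // The MAC key authenticates everything the recipient will rely on.
  const tag = crypto.createHmac('sha256', macKey).update(Buffer.concat([ephPub, iv, ct])).digest();
  return { ephPub, iv, ct, tag };
}

function eciesDecrypt(recipient, { ephPub, iv, ct, tag }) {
  const { encKey, macKey } = deriveKeys(recipient.computeSecret(ephPub), ephPub);
  const expected = crypto.createHmac('sha256', macKey).update(Buffer.concat([ephPub, iv, ct])).digest();
  // Verify in constant time BEFORE decrypting; a length mismatch also throws.
  if (!crypto.timingSafeEqual(tag, expected)) throw new Error('MAC check failed');
  const decipher = crypto.createDecipheriv('aes-256-ctr', encKey, iv);
  return Buffer.concat([decipher.update(ct), decipher.final()]).toString('utf8');
}

function eciesDemo() {
  const alice = newRecipient();
  const msg = eciesEncrypt(alice.getPublicKey(), 'Hello Alice');
  const tampered = { ...msg, ct: Buffer.from(msg.ct) };
  tampered.ct[0] ^= 0x01; // one ciphertext bit flipped in transit
  let tamperedRejected = false;
  try { eciesDecrypt(alice, tampered); } catch (e) { tamperedRejected = true; }
  return { plaintext: eciesDecrypt(alice, msg), tamperedRejected };
}

console.log(eciesDemo());
```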
The US vs End-to-End Encryption
The Guardian posted an article about the takedown of End-to-End encryption in the US.
US senators have proposed a new law that would make key legal protections that online platforms rely on contingent on those platforms adopting specific practices related to privacy and the “prevention” of child se**al exploitation.
The act has widely been seen as an opening salvo in a renewed war on end-to-end encryption, with the US justice department (DoJ) regularly criticizing technology companies for creating products, such as iMessage and WhatsApp, which cannot be intercepted by law enforcement.
EFF also tweeted to warn people about it.
Here is the tweet:
Don’t let the U.S. government break encryption. It's our best digital tool to allow private conversations in an increasingly insecure world. Join EFF and help us fight back today https://t.co/Gi8Mtp2743 — EFF (@EFF), March 28, 2020
The Bottom Line
I hope you now understand what end-to-end encryption is.
If you like this article, don’t hesitate to share it on your preferred social networks and with friends.
If you have any questions, comment below this article; I’m glad to help you.
Thanks for reading.
And I’ll see you next time!