What is end-to-end encryption?

End-to-end encryption - Featured image

It’s a protocol that encrypts information traveling between two points, for instance, between two users texting.

Every embarrassing thing you do online, every site you visit and every word you type can be seen or stored by a third party.

The modern internet is an eavesdropping paradise and an increasingly inhospitable environment for average users. It’s a place where governments and private companies are on a quest to snoop through as many emails and chats as possible. And they don’t like being told they can’t do it.

Enter end-to-end encryption. This is the most reliable method for protecting digital information. Naturally, for some this is a force of darkness. But for a growing number of consumers, it has become synonymous with security and privacy.

Technological advances have made end-to-end encryption easier to use, and today almost every messaging service has the encryption enabled by default.

Key findings about end-to-end encryption

  • Apple, Facebook, and WhatsApp are among the biggest services to offer E2EE.
  • Most messaging apps have the encryption enabled by default.
  • This is an asynchronous method of encryption and currently the safest one for communication.
  • Telegram is considered to be the most secure messaging app.
  • Among bigger webmail providers, Outlook is the only one with the proper encryption.

What is end to end encryption

E2EE is a method of securing the line of communication by encrypting messages at both ends of the conversation and preventing third parties from accessing the data being transferred.

E2EE differs from standard encryption in that the messages aren’t encrypted just during transit. While messaging apps always have some sort of rudimentary encryption in place, the data being transmitted isn’t fully secure. Telecom companies and internet service providers can scan these messages. But encrypting the communication from both sides ensures that only the authorized parties involved in the communication can access the transmitted data.

The existence of more encryption codes, one for each person in a conversation, allows them to send and receive messages coded in a different way. The days of one key fits all are long gone. So even if someone intercepts the messages they wouldn’t be able to read them without the exact decryption key the recipient holds.

How the end to end encryption works

So how does this encryption work? It’s simple. Each user needs a set of encryption keys – one public and one private. These two are mathematically linked in such a way that the private key decrypts the public one. In other words, users keep a private key on their device, while the public key is used to connect with other users.

If Joe, for example, wants to send an encrypted message to Ellen, his message will first be encrypted by Ellen’s public key. Then the message travels to Ellen. Once it reaches her, the private key “unlocks” the contents of the message, deciphering it and translating to what Joe originally sent. This process also works in reverse and is repeated whenever Joe and Ellen exchange messages or when they message others who use E2E encryption.

What we’ve just described is also called asymmetric encryption. Currently, this is the safest method for two-way encryption. There is also a symmetric method. However, this approach proved more dangerous because it requires the user to share the private key in some form with the other party. This could result in a security breach if a malicious party was to get ahold of the key in transit. While this method is easier, it’s pretty much completely outdated and messaging platforms avoid it.

The last thing to figure out is how to implement end-to-end encryption. Today, almost every messaging service has the encryption enabled by default. Even if the encryption isn’t on when you fire up the app, it usually takes just a few clicks to set it up.

Benefits of using end-to-end encryption

One of the obvious advantages of encryption is the increased level of security that it guarantees for all our digital communications. The encryption requires two keys and even if the messaging server gets compromised, your correspondence remains completely secure. Simply put, a hacker would need to get a hold of your physical device to fully decrypt your messages.

We are living in an age when cybercriminal, private corporations and government agencies regularly target unencrypted online traffic. There is also no shortage of webmail providers that are eager to snoop around your inbox, capturing keyphrases to enhance personalized advertising. As such, a growing number of digital users are abandoning popular webmail and messaging platforms in favor of those using E2EE. After all, everyone has the right to keep their conversations private.

There is also the matter of performance, which is mainly beneficial to the service providers. The encryption is fast due to the low amount of data needed to be transfered, while the data is simply rerouted toward the destination instead of being processed every step of the way.

Messaging services that support encryption

End-to-end encryption has become more common in messaging and email apps in the last couple of years. These platforms are constantly evolving around the needs of the user. Amid the rise of eavesdropping, massive data breaches and leaks, the applications we use needed to become more secure.

Here are some of the most popular messaging apps and services that offer encrypted chat and emails.

WhatsApp

We can’t really talk about encrypted messaging without mentioning WhatsApp’s encryption. This is the most popular messaging app on the planet. But is WhatsApp secure enough? Well, its 1.5 billion users seem to think so.

WhatsApp was one of the first apps of its kind to implement end to end encrypted data. That was back in 2016, just two years after it was bought by Facebook. Best of all, the user doesn’t have to do anything, it’s enabled by default and cannot be turned off. This shouldn’t be confused with WhatsApp secret chatting since that method requires setting up additional apps. The company discourages the use of third-party apps over concerns that they might be used to spy on the user.

Viber

Viber started out with the goal of dethroning WhatsApp as the top messaging app. But it’s been slower in implementing information protections, and it wasn’t until version 6.0 that the app offered two-way security.

The security update covers all features of the app, which means not only text messages, but also encrypted video chat. Setting it up is quick, as long as you follow certain instructions offered by the developers. Since Viber is a voice call app, it can even be used to replace your standard dialler app on the phone and add a layer of encryption to SMS.

Telegram

This relatively young messaging app has risen in popularity since its launch in the summer of 2013. Telegram’s design sets it apart from its competitors. The platform offered the highest levels of e2e encryption from the start, and many consider it one of the most secure messaging apps on the market.

Telegram’s secret chats use encryption technology and give users total control over the messaging history. This means that if one party deletes a message on their end, the app will instruct the other party’s device to delete that message as well. Messages and files can also be given an expiration date, after which they will be completely erased from the system. Moreover, secret chats aren’t tracked by the server but are device-based. As long as you protect your device physically, your chats are safe.

Line

Not all free encryptors emerge from the rubble of natural disasters, but in the case of Line that’s exactly what happened. Line was born in the aftermath of the Tohoku earthquake and tsunami that struck Japan in 2011. The disaster wiped out a significant portion of the country’s communication system, leaving many people struggling to reach their families.

Line was launched that same year and designed to be a reliable piece of Japan’s communication infrastructure. It also introduced encrypted communications for its users. Developers of the app called this feature “letter sealing”, and it can be turned on and off with just a tap of a button. Today, more than 700 million people use this messenger app.

Facebook messenger

The latest addition to the list of messaging apps with end-to-end encryption is Facebook’s Messenger. Facebook Messenger was encrypted in 2019, but the feature is not enabled by default. Instead, it’s offering a secret chat feature to a certain portion of the global user base. This feature is still in its infancy, currently only supporting text chat and unavailable to anyone that wasn’t drafted randomly into the testing group. Facebook claims that the encryption will eventually be available throughout all features of Messenger, without the need to manually encrypt chat by initiating secret chat mode.

But the decision to introduce encrypted technology piled further pressure on Facebook. A number of Western governments insist that end-to-end encryption prevents security services from stopping terrorist attacks and investigating phedophiles. However, others warn that the private lives of online users will become unsafe if governments succeed in their quest against E2EE.

iMessage

If you’re looking for a way to encrypt iPhone messages, look no further than the default messaging app on your phone. Apple’s own iMessage is another major encrypted texting app with the end 2 end technology. Apple has been touting its privacy initiative for a while, expanding the encryption on both ends to everything from plain text messages, to its video chat app FaceTime and even the Maps application.

The company claims it created the system so users can feel safe instead of dreading whether someone is monitoring their every step. The iOS platform has become synonymous with security especially with the introduction of the version 11.0.

Email clients with end to end email encryption

Unlike with the many encrypted text apps, options for sending encrypted emails are rather limited. Gmail’s end-to-end encryption is nonexistent, and the same goes for Yahoo!. The most common option for security-savvy users usually comes down to two clients, ProtonMail and Outlook.

ProtonMail is widely regarded as the most suitable webmail platform for users concerned with their online privacy. Developed by CERN and MIT scientists, ProtonMail quickly became the biggest email service of its type. The free version is limited to 150 messages a day and 500MB of storage, while a paid subscription offers 1,000 messages a day along with 5GB of storage.

Microsoft Outlook was recently updated with the end-to-end encryption software. This email client allows the user to set the level of security as well as detect when sensitive information is being sent, followed by an offer to enable encryption. Among the tools Outlook leaves at your disposal are also forwarding blocker, ability to block specific people from receiving emails from your account as well as the copy-paste blocking tool.

Bottom line

Encryption is much more than a technological issue. Today, it is a central feature in a highly controversial political struggle.

While tech giants try to appeal to the consumers’ growing appetite for digital privacy, politicians in Washington and London are demanding unhindered access to encrypted devices and encrypted messaging services.

Governments in the US, UK and even Australia have been highly vocal against end to end security, going as far as requesting that certain platforms implement a backdoor to their messaging services. In theory, the backdoor could aid police and intelligence agencies in their battle against bad actors. But critics say this is a slippery slope and warn that the backdoor decryption key can easily end up in the hands of cybercriminals, spies and authoritarian regimes.

For the end user, there are really no downsides to introducing more cyber security. It can be as simple as a security code every time they login, but end-to-end encryption is quickly becoming a must for any respectable messaging app.