What is End-to-End Encryption (E2EE) and How Does it Protect Your Data?
Today we communicate with others more online than we do in person.
For instance, according to a study done by cloud mobile and online business messaging solutions LivePerson, 65% of Millenials (born between 1981 and 1996) and Gen Z (1997-2012) communicate with others more digitally than face-to-face.
This communication often involves private and other sensitive data and social networks such as Facebook or email providers like Gmail do not offer sufficient privacy and security for your data.
This means that you need end-to-end encryption to secure your online communication.
#What is End-to-End Encryption?
So what is end-to-end encryption?
Think of it as a way to send data in such a way that only you (the sender) and the recipient can open and read the message.
Even if a third party, like a hacker, somehow manages to intercept your email message, for instance, they won’t be able to open it, read it, or otherwise tamper with it because of the way that end-to-end encryption works.
#How Does End-to-End Encryption Work?
True end-to-end encryption uses a pair of keys - public and private.
With the private key, the sender encrypts the message before sending it to the intended recipient. Thus encrypted, the message turns into an incomprehensible mess of letters, numbers and special characters that is useless to anyone intercepting the message.
However, the same key can not be used to open the message.
Instead, the recipient needs to generate a private key, which only they own, to decrypt and open the message.
This type of encryption, using a pair of public and private keys, is called asymmetric encryption and is different from another type, which only uses one key to both encrypt and decrypt the message, which is called symmetric encryption.
(You can read more about asymmetric and symmetric encryption here).
Let’s use a classic example with Bob and Alice to paint a picture of how end-to-end encryption works.
- Bob wants to send Alice a private email message
- Alice generates two keys - public and private
- She sends the public key to Bob, but keeps the private key
- Bob then encrypts the message with the public key
- Thus encrypted, the private message goes to Alice
- Finally, Alice uses her own private key to decrypt the message
#Types of End-to-End Encryption
There are two types of end-to-end encryption:
- Pretty Good Privacy (PGP)
- Secure Multipurpose Internet Mail Extension (S/MIME)
We’ll talk more about the two some other time, but for now, let’s just say that the main difference is that:
- In PGP, the keys are exchanged between the users (in a way we described above)
- While in S/MIME, a third party (Certificate Authority) provides a digital certificate that authenticates the sender (proves that they are who they say).
#Advantages and Disadvantages of End-to-End Encryption
Any system has its good and bad sides and, naturally, this goes for end-to-end encryption as well.
So what are these?
- Protects your privacy from the service provider
If you use an email service like Gmail (here are 5 reasons to drop Gmail, btw), or want to send a message through Facebook, then your data will be stored on Google’s or Facebook’s servers. This means that they will have the keys to decrypt it. With E2EE, they can’t.
- Secure against hacking
Even if the server on which the encrypted message is stored is hacked and the data breached, the attackers won’t be able to do much with it if they don’t have the decryption key.
- Protects free speech
End-to-end encryption is an important key for any journalist, whistleblower, or activist, who wants to speak freely and be safe from government intimidation and surveillance.
- Losing or forgetting the private key
What happens if you lose or forget the private key? In that case, what was the main advantage of end-to-end encryption becomes its biggest flaw, as you can no longer decrypt and read the message.
- End-point security
One risk with E2EE lies with the end-point. If the recipient’s device itself is unsecure, for instance, if they stored the private key in plain sight, then the whole point of encrypting and decrypting is void.
It’s like in that Simpsons scene where Mr. Burns and Smithers go through all the high-tech security of Burn’s nuclear plant only to find a door to the back alley on the other side through which a dog can waltz in.
- Data transfer is visible
While the data itself is hidden with E2EE, the fact that there was a data transfer isn’t.
What does this mean? Well, if there are records of data transfer, it is possible for someone to decipher what its contents might be based on who sent it (sender) and who received it (recipient).
End-to-end encryption remains a highly divisive topic. On one side are those who want to protect their data privacy, while on the other side are those who want to ban it, claiming that it helps terrorists and criminals.
At Telios, we believe that every person has the right to choose if and how they want to protect their sensitive information. We understand that end-to-end encryption is not for everyone, but for those that do need it and want it, our decentralized email provides secure communication with encrypted data and email.