End-to-end encryption is the most secure way to communicate privately and securely online. By encrypting messages at both ends of a conversation, end-to-end encryption prevents anyone in the middle from reading private communication.
When you send and receive an email using a service that does not provide E2EE, such as Gmail, the company can access the content of your messages because they also hold the encryption keys. E2EE eliminates this possibility because the service provider does not actually possess the decryption key. This is the reason why E2EE is much stronger than standard encryption.
Here is a Facebook Messenger, an example of a phrase of text that has been encrypted:
Plain text: This is a Facebook message.
Encrypted text: eXP3jH+7giCt1gIg0zHm3j3DPI1xuFRvbhmaKJx/uQQ=
You can’t to understand what the encrypted text means — unless, of course, you have the private key to decrypt it.
Facebook Messenger already uses encryption — just not end-to-end encryption. “Normal” encryption (a.k.a. link encryption) works like this:
- Sender forms an encrypted connection with Facebook’s servers.
- Sender submits the encrypted message to Facebook’s servers.
- Facebook decrypts the message and stores it on their servers.
- Facebook’s servers form an encrypted connection with the recipient.
- Recipient downloads the message via an encrypted connection.
Facebook controls the encryption/decryption and has access to the decrypted message.
End-to-end encryption (E2EE) is a system of communication where only the communicating parties are able to read the messages. Messages are encrypted in a way that only the unique recipient of a message is allowed to decrypt it, and not anyone in between.
Since no third party has knowledge of the data being communicated or stored, surveillance or manipulation is impossible. The answer is simply another cryptographic technique known as public-key encryption. In public key crypto-systems, a software on a client’s device generates a pair of keys. One of them is called the “private” or “secret” key which is used for decrypting the message sent, and which never leaves sender’s device. The other one is the “public” key which is used for encrypting the messages received. It is designed in a way that only the corresponding private key can decrypt those messages. The public key can be shared with anyone who wants to encrypt a message with the sender.
Ask us more about end-to-end encryption!
