What is end-to-end encryption?
Everything you need to know about end-to-end encryption
If you use the best secure messaging apps like Signal or WhatsApp, you may have seen that messages you send on these apps are protected by end-to-end encryption.
End-to-end encryption (or E2EE) is a secure way of sending data that prevents third parties from being able to access your information when it’s being sent from one place to another.
This keeps your private messages, files, and photos safe from prying eyes, including hackers, cyber criminals, and government agencies. It’s often used by secure messaging services, as well as secure file sharing services to ensure no-one outside your conversation can access your information.
But how does end-to-end encryption work? Should you be using it? In this article, we’ll fill you in on all you need to know about end-to-end encryption. Let’s dive in.
What is end-to-end encryption?
End-to-end encryption is generally considered the safest and most private way to communicate over a network. It’s a secure method of sending information that encrypts your data before it's sent. The data remains encrypted while it’s being transferred from your device to the one you're sending it to and is then decrypted on the recipient’s device so they can access the information.
As with many other encryption methods, end-to-end encryption transforms readable text into undecipherable text thanks to the use of cryptography. This is the same technology that keeps the best VPNs secure. It prevents anyone other than your intended recipient from being able to read your messages, thereby keeping them completely safe from prying eyes.
It’s more secure than other methods of encryption because it keeps your data safe from start to finish by encrypting your message when you send it and only deciphers it on the recipient’s device. Lots of messaging services, including WhatsApp, Signal, and Telegram, as well as SMS messaging, use end-to-end encryption to keep your communication safe from unauthorized access.
Sign up to get the BEST of Tom's Guide direct to your inbox.
Get instant access to breaking news, the hottest reviews, great deals and helpful tips.
It’s also safer than encryption in transit, which only secures your data while it’s being moved between devices. End-to-end encryption means it can’t be accessed by your internet service provider (ISP), application service provider, hackers, or anyone else, for that matter.
In fact, end-to-end encryption is so secure that the messaging services that use it have faced controversy. That’s because it makes it harder to share information with authorities and gives users a way of communicating about illicit activities with complete privacy.
How does end-to-end encryption work?
End-to-end encryption works by encrypting (scrambling) data sent on one end that can only be unencrypted with a special secret number, known as a key. Only the recipient of the data has the key to unencrypt the data, so no one else is able to view the message, file, or communication.
The encrypting and decrypting process uses a unique pair of keys to scramble and unscramble a message. One key is used to encrypt a message, while the other is used to decrypt it. All of this happens without the sender or recipient having to do anything.
So, when you send a message or file via a service that uses end-to-end encryption, the information will be encrypted on your device by retrieving the recipient’s encryption key from the cloud. This is a public key that can be shared without compromising the security of your message. But the decryption key is private and can therefore only be accessed by the recipient of the message.
The private key is stored on the user’s device, so it’s never put on the cloud. And given that the most damaging cyber attacks tend to target cloud servers, it’s an incredibly secure form of communication.
Even better, because the key isn’t available to anyone outside the encrypted communication, it prevents anyone from viewing, editing, or intercepting the messages.
This means things sent using E2EE will always stay safe from cyber attacks like man in the middle attacks. Sometimes called an "on-path" attack, a man in the middle cyber attack is when a cyber criminal places themselves in the middle of a data exchange, such as an online chat, so that they can steal sensitive information.
Should I use end-to-end encryption?
It’s a very sensible idea to use end-to-end encryption because it protects your data by preventing third parties from being able to spy on your communications, thereby keeping your messages safe from cyber criminals. Without it, a hacker could access the messages and files that you send or receive and could use the information they steal to log into your accounts, access your credit cards, or impersonate you online.
However, it’s important to note that not all messaging apps use end-to-end encryption. Plus, some of the ones that offer it don’t have it enabled by default, so be sure to check you have it switched on to protect your data.
If you want to protect all your online information rather than just your communications, there’s a really simple way to do this. All you need to do is sign up for a reputable VPN and it will encrypt all your traffic so that no one can view anything you do online. This includes what websites you visit, as well as your online banking information, and any files and photos you send or receive.
It doesn’t matter whether or not the messaging service you’re using offers end-to-end encryption if you’re using a VPN, as it will automatically provide your communication with end-to-end encryption, while also giving that same level of protection to all your other online activities. Most VPNs use military-grade AES-256-bit encryption, which is pretty well unbreakable and provides a highly sophisticated level of security.
There are also some VPNs that go beyond this and offer post-quantum encryption. This is because expert hypothesize that there will soon be a day when quantum computers can decrypt the cryptography that end-to-end encryption currently uses, exposing all encrypted data. This includes the best VPN service based on our testing, NordVPN. So, be sure to shop around to find a VPN that will protect your data now and in the future.
If you want to improve your online security and use the web anonymously, a VPN is a must-have because it will keep your data completely safe from hackers. We’d recommend opting for a paid-for service rather than a free VPN. This is while there are some great free VPNs out there, if you want the most secure VPN, you'll need to go for a premium service.
If you're worried about price, don't – we have put together a list of the best cheap VPNs, so you can get protected without breaking the bank.
Catherine Hiley is an editor and reviewer, specializing in VPNs, cyber security, telecoms, and personal finance. She has been a regular contributor to Business Insider and CyberNews, where she has written in-depth VPN reviews, useful how-to guides, and explainers to help readers choose and get the most out of the best VPN providers, antivirus software, and password managers.
- Olivia PowellTech Software Commissioning Editor