What is end-to-end encryption and how it works?

End-to-end encryption (E2EE) ensures that your data remains encrypted (confidential) until it reaches its intended recipient. This ensures that no one in between can see your private data as long as it is encrypted end-to-end, whether it is messaging, email, file storage, or anything else.

That is, with end-to-end encryption enabled in your application, only you and the people you are chatting with can read the content of your messages. In this case, even the company running the chat app can't see what you're saying.

Encryption basics

First, let's start with the basics of encryption.

Encryption is a way of scrambling (encrypting) data so that it can't be read by everyone. Only people who can unscramble (decrypt) the message can see its contents. If someone does not have the decryption key, they will not be able to decrypt the data and view the message.

Your device uses various forms of encryption all the time. For example, when you visit your online banking site or any site that uses HTTPS, which most sites are today, your communications with that site are encrypted so that your network operator, Internet service provider, and anyone else who can snoop on your traffic can't see your bank passwords and financial details.

Wi-Fi also uses encryption. That's why your neighbors can't see what you do on your Wi-Fi network, provided you're using modern, unhacked Wi-Fi security standards.

Encryption is also used to protect your data. Modern devices such as iPhones, Android phones, iPads, Macs, Chromebooks, and Linux systems (but not all Windows PCs) store their data in encrypted form on your local device. After you log in with your PIN or password, it is decrypted.

How end-to-end encryption works

Now, let's talk about chat applications. For example: Facebook Messenger. When you contact someone on Facebook Messenger, messages are encrypted as they travel between you and Facebook and between Facebook and others. The stored message logs are statically encrypted by Facebook before they are stored on Facebook's servers.

Facebook itself can see the content of your messages.

The solution is end-to-end encryption.

With end-to-end encryption, intermediate providers - in these examples, whoever you use instead of Google or Facebook - will not be able to see the content of your messages. They do not hold the keys to unlock your private data. Only you and the person you are communicating with hold the key to access that data.

Your messages are truly private, and only you and the person you are talking to can see them, not the company in between.

End-to-end encryption provides more privacy. End-to-end encryption gives you confidence when communicating and storing sensitive information, whether it's financial details, medical conditions, business documents, legal proceedings, or private personal conversations that you don't want any other people to have access to.

Disadvantages of end-to-end encryption

If you lose your decryption key, you will not be able to access your data.

Some services may provide recovery keys that you can store, but if you forget your password and lose those recovery keys, you will no longer be able to decrypt your data.

That's one big reason why companies like Apple may not want to encrypt iCloud backups end-to-end. Because Apple holds the encryption keys, it lets you reset your password and access your data again. That's because Apple has the encryption key and can technically do whatever it likes with your data. If Apple doesn't keep the encryption key for you, you won't be able to recover your data.