What is End-To-End Encryption? 7 Questions Answered
August 17, 2023
A typical smartphone user may receive hundreds of SMS messages each week. Social media services keep their users engaged by pushing dozens more direct messages every day. Globally, some messaging applications like WhatsApp handle more than 100 billion messages daily.
But are these messages private?
That’s where end-to-end encryption comes in. In practice, it ensures that only two parties – a sender and a receiver – can access the data. And, as data is transferred, it cannot be read or tampered with by an Internet Service Provider (ISP), application service provider, hacker or any other entity or service.
Many companies and platforms are now touting end-to-end (E2E) encryption as a core safety and privacy feature. And it’s not just for messaging and social media. Many online shopping sites use E2E to keep payment data secure.
But consumers are often unfamiliar with what E2E encryption does, and how it can protect ordinary people. So we’ve compiled some frequently asked questions about this privacy technology.
- Who uses E2E?
“End-to-end encryption is generally agreed upon as being a useful technology for protecting the data of businesses and consumers,” said IEEE Senior Member Kayne McGladrey. “Online shopping, for example, would not be as popular or feasible if a consumer’s payment information could easily be intercepted. Similarly, private video calls over the internet by senior executives or government officials would be far too risky if anyone could watch.”
- Is E2E encryption universal?
Some messaging services and social media applications don’t use E2E encryption. And while some messaging services enable it automatically, others require users to enable encryption manually, which has gotten easier over the past few years, but is still a roadblock. As writers in a new edition of IEEE Security and Privacy magazine put it “every step required by a security mechanism reduces the number of users willing to use it.”
Users should review the terms of service of their messaging app or social media accounts to understand what level of privacy protection the service offers.
- What’s behind the rise of E2E encryption?
Until a few years ago, it was possible to encrypt messages, but it was too difficult for average consumers. One study found that these older forms of encryption suffered from usability problems, and that the majority of users made catastrophic errors when using them.
“In simple terms, E2E encryption involves the use of public-key encryption, where both the sender and recipient generate a pair of encryption keys composed of a public key and a private key,” McGladrey said. “While this process used to be technically difficult and time-consuming, technological advancements in the past 20 years have made it imperceptible to end users.”
- Does E2E encryption protect everything?
“It is important to note that while end-to-end encryption secures the content of communications, it does not protect other metadata, such as sender and recipient information or message timestamps,” said IEEE Senior Member Kevin Curran.
That means that, while it may not be possible for prying eyes to know what two people talked about, it is possible to know that two people communicated, and judging by the frequency of communications, it might also be possible to infer that the communication was important.
- Are there any pitfalls to using E2E?
“One crucial element is that the keys typically only exist on the devices,” McGladrey said. “While this means that threat actors, service providers or government entities cannot read the encrypted data, it also means that losing the device with the key will functionally make the data inaccessible to one of the parties involved.”
- Is E2E encryption different from other forms of encryption?
“End-to-end encryption is different from other forms of encryption such as TLS (Transport Layer Security) and SSL (Secure Sockets Layer). They serve different purposes and operate at different layers of communication. End-to-end encryption focuses on securing the content of the communication itself, while TLS and SSL secure the communication channel between a client and a server,” said Raul Colcher, IEEE Life Senior Member.
- What is the state of E2E encryption and what does the future hold for it?
“End-to-end encryption can pose challenges for law enforcement agencies in investigating criminal activities. Balancing privacy and security with lawful access requirements remains an ongoing debate in the context of end-to-end encryption. However, end-to-end encryption is a powerful technique for protecting consumer data, ensuring confidentiality, privacy and data integrity throughout the communication process,” Curran said. “Governments and regulatory bodies will continue to shape the future of end-to-end encryption through policy decisions and legal frameworks. Balancing privacy rights, lawful access and public safety considerations will be key in shaping the regulatory landscape.”
Learn more: We’ve all been using video conferencing a lot more since the pandemic. But is your connection secure and private? A recent article in IEEE Access explores that question.
Bits, Bytes, Buildings and Bridges: Digital-Driven Infrastructure
Impact of Technology in 2024
Emerging AI Cybersecurity Challenges and Solutions
The Skies are Unlimited
Smart Cities 2030: How Tech is Reshaping Urbanscapes
Impact of Technology 2023
Cybersecurity for Life-Changing Innovations
Smarter Wearables Healthier Life
Infrastructure In Motion
The Impact of Tech in 2022 and Beyond
Cybersecurity, Technology and Protecting Our World
How Technology Helps us Understand Our Health and Wellness
The Resilience of Humanity
Harnessing and Sustaining our Natural Resources
Creating Healthy Spaces Through Technology
Exceptional Infrastructure Challenges, Technology and Humanity
The Global Impact of IEEE's 802 Standards
Scenes of our Cyber Lives: The Security Threats and Technology Solutions Protecting Us
How Millennial Parents are Embracing Health and Wellness Technologies for Their Generation Alpha Kids
Space Exploration, Technology and Our Lives
Global Innovation and the Environment
How Technology, Privacy and Security are Changing Each Other (And Us)
Find us in booth 31506, LVCC South Hall 3 and experience the Technology Moon Walk
Virtual and Mixed Reality
How Robots are Improving our Health
IEEE Experts and the Robots They are Teaching
See how millennial parents around the world see AI impacting the lives of their tech-infused offspring
Take the journey from farm to table and learn how IoT will help us reach the rising demand for food production
Watch technical experts discuss the latest cyber threats
Explore how researchers, teachers, explorers, healthcare and medical professionals use immersive technologies
Follow the timeline to see how Generation AI will be impacted by technology
Learn how your IoT data can be used by experiencing a day in a connected life
Listen to technical experts discuss the biggest security threats today
See how tech has influenced and evolved with the Games
Enter our virtual home to explore the IoT (Internet of Things) technologies
Explore an interactive map showcasing exciting innovations in robotics
Interactively explore A.I. in recent Hollywood movies
Get immersed in technologies that will improve patients' lives