End-to-end encryption is the most secure way to communicate privately online. By encrypting a message on the sender's device and decrypting it only on the recipient's device, it prevents anyone in between, including the service that carries the message, from reading it.
Until recently, end-to-end encryption (E2EE) was the sole domain of the tech savvy because of the complicated operations required to use it. Recent advances have made it much easier to use and more accessible. In this article, we explain what end-to-end encryption is and what advantages it offers over the encryption most services use.
What is end-to-end encryption (E2EE)?
When you use E2EE to send an email or a message to someone, no one monitoring the network can see the content of your message: not hackers, not the government, and not even the company (e.g., ProtonMail) that facilitates your communication. Two caveats apply. E2EE protects the content of a message, not the metadata around it (who wrote to whom, when, and, in OpenPGP email, the subject line), and it cannot protect a device that is itself compromised, because the plaintext exists on the two endpoints.
This differs from the encryption most services already use, which protects data in transit between your device and the company's servers (TLS) and often at rest on those servers, but always with keys the company controls. For example, when you send and receive email through a service that does not provide E2EE, such as Gmail or Hotmail, the company can read your messages because it holds the keys. With E2EE the service provider never possesses the decryption key, so a breach of its servers, a malicious insider, or a demand for your data yields only ciphertext. That is what makes E2EE stronger than standard encryption.
How does end-to-end encryption work?
To understand how E2EE works, it helps to look at a diagram. In the example below, Bob wants to say hello to Alice in private. Alice has a public key and a private key, two mathematically related encryption keys. The public key can be shared with anyone, but only Alice holds the private key. Bob has a key pair of his own, which Alice will use when she replies.
First, Bob uses Alice's public key to encrypt the message, turning "Hello Alice" into ciphertext: scrambled, seemingly random bytes that are useless without the matching private key. (In practice, OpenPGP, the standard ProtonMail uses, encrypts the message body with a fresh random session key and encrypts only that session key with Alice's public key; the effect for Bob and Alice is the same.)
Bob sends this encrypted message over the public internet. Along the way, it may pass through multiple servers, including those belonging to the email service they use and to their internet service providers. Those companies may try to read the message, or even share it with third parties, but without Alice's private key, turning the ciphertext back into readable plaintext is computationally infeasible. Only Alice can do that when the message lands in her inbox, because she is the only person who has access to her private key. When Alice wants to reply, she repeats the process, encrypting her message to Bob with Bob's public key.
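The exchange above, as an added example that is not part of the original article and not ProtonMail's code: Bob encrypts "Hello Alice" to Alice's public key, the envelope that crosses the network (and that the provider stores) is inspected, and an attempt to decrypt it with any key other than Alice's fails. The hybrid structure (random AES-GCM session key, wrapped with RSA-OAEP) mirrors what OpenPGP does; the Envelope layout, the function names, and the use of RSA rather than an OpenPGP packet format are assumptions made for this example.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"encoding/hex"
	"errors"
	"fmt"
)

// Envelope is what leaves Bob's device and what every server on the path
// (the mail provider included) sees and stores. The layout is an assumption
// made for this example; it is not the OpenPGP packet format.
type Envelope struct {
	WrappedKey []byte // random session key, encrypted to Alice's RSA public key (OAEP)
	Nonce      []byte // AES-GCM nonce, one per message
	Ciphertext []byte // AES-GCM output of the body, authentication tag appended
}

// GenerateKeyPair creates the public/private pair a user holds. Only the
// private half must stay on the user's device.
func GenerateKeyPair(bits int) (*rsa.PrivateKey, error) {
	return rsa.GenerateKey(rand.Reader, bits)
}

// Encrypt is Bob's side. A fresh 256-bit session key encrypts the body with
// AES-GCM, and only that small key is encrypted with Alice's public key
// (hybrid encryption, the same structure OpenPGP uses).
func Encrypt(recipient *rsa.PublicKey, plaintext []byte) (*Envelope, error) {
	sessionKey := make([]byte, 32)
	if _, err := rand.Read(sessionKey); err != nil {
		return nil, err
	}
	block, err := aes.NewCipher(sessionKey)
	if err != nil {
		return nil, err
	}
	gcm, err := cipher.NewGCM(block)
	if err != nil {
		return nil, err
	}
	nonce := make([]byte, gcm.NonceSize())
	if _, err := rand.Read(nonce); err != nil {
		return nil, err
	}
	wrapped, err := rsa.EncryptOAEP(sha256.New(), rand.Reader, recipient, sessionKey, nil)
	if err != nil {
		return nil, err
	}
	return &Envelope{
		WrappedKey: wrapped,
		Nonce:      nonce,
		Ciphertext: gcm.Seal(nil, nonce, plaintext, nil),
	}, nil
}

// Decrypt is Alice's side. Unwrapping the session key needs her private key,
// so anyone else holding the envelope, the provider included, fails at the
// first step. GCM also rejects a body that was modified in transit.
func Decrypt(priv *rsa.PrivateKey, env *Envelope) ([]byte, error) {
	sessionKey, err := rsa.DecryptOAEP(sha256.New(), rand.Reader, priv, env.WrappedKey, nil)
	if err != nil {
		return nil, errors.New("cannot unwrap session key: not the recipient's private key")
	}
	block, err := aes.NewCipher(sessionKey)
	if err != nil {
		return nil, err
	}
	gcm, err := cipher.NewGCM(block)
	if err != nil {
		return nil, err
	}
	plaintext, err := gcm.Open(nil, env.Nonce, env.Ciphertext, nil)
	if err != nil {
		return nil, errors.New("body rejected: wrong key or tampered ciphertext")
	}
	return plaintext, nil
}

func main() {
	alice, _ := GenerateKeyPair(2048)    // Alice's pair; the private half never leaves her device
	provider, _ := GenerateKeyPair(2048) // the provider's own key, useless for Alice's mail

	env, _ := Encrypt(&alice.PublicKey, []byte("Hello Alice"))
	fmt.Println("on the wire:", hex.EncodeToString(env.Ciphertext))

	if _, err := Decrypt(provider, env); err != nil {
		fmt.Println("provider:", err)
	}
	body, _ := Decrypt(alice, env)
	fmt.Println("Alice reads:", string(body))
}
```

The provider in this model stores WrappedKey, Nonce and Ciphertext in full and still learns nothing about the body; what it does see is everything outside the envelope (sender, recipient, timing), which is exactly the metadata E2EE leaves exposed.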
Advantages of end-to-end encryption services
There are several advantages of E2EE over the standard encryption that most services use:
- It keeps your data safe from hacks. E2EE means fewer parties have access to your unencrypted data. Even if hackers compromise the servers where your data is stored (e.g., the Yahoo mail hack), they cannot decrypt your data because they do not possess the decryption keys.
- It keeps your data private. If you use Gmail, Google can read every intimate detail you put in your emails, and it can keep copies even after you delete them. E2EE gives you control over who reads your messages.
- It’s good for democracy. Everyone has the right to privacy. E2EE protects free speech and shields persecuted activists, dissidents, and journalists from intimidation.
These are the reasons we built ProtonMail. As the first and largest secure email provider, we protect millions of users every day. End-to-end encryption is the technological backbone of our vision for a more private and secure internet.
Best Regards,
The ProtonMail Team
You can get a free secure email account from ProtonMail here.
We also provide a free VPN service to protect your privacy.
ProtonMail and ProtonVPN are funded by community contributions. If you would like to support our development efforts, you can upgrade to a paid plan or donate. Thank you for your support!
48 comments on “What is end-to-end encryption and how does it work?”
In PGP messages, subject lines are not encrypted (as far as I understand). How is this in ProtonMail?
It is the same in ProtonMail.
I just received my Protonmail account. Thank you! When I went through the account setup process I observed that my key pair was created. I have used Enigmail (gpg) in which I distribute my public key either manually or by use of a key server. I am responsible for maintaining and securing my private key locally.
Am I correct in understanding that Protonmail serves the function of a public key server AND stores an encrypted copy of my private key (encrypted with my mailbox key)?
Thanks!
Yes, that is correct. In the future, we will allow you to import your own keys.
So with ProtonMail I (as a user) am not the only one holding my private encryption key? Correct?
Only you have access to your private key.
So, my question is, if you store both public and private keys on your servers, would it be technically possible for you to use a pair of keys to decrypt a ProtonMail user's emails?
Are these private/public keys stored in a special way?
Can someone get possession of both lists of private/public keys and pair them?
Thank you.
This is a rather technical question which we have described in more detail here:
http://security.stackexchange.com/questions/58541/how-are-protonmail-keys-distributed
I have just registered with you after seeing the TED show. I want privacy. I will pay for or contribute for it. I succeeded in registering with you, but I am not sure. Could you confirm that I can now send an encrypted message? I think I sent one to my sister in the USA; I am in the UK. My most important question to you is: what do I have to do so that my recipient is able to reply safely, as I did to him, using my encrypted ProtonMail? Please explain how I get the people I want on my encrypted contact list. Do they have to register also, like I did? R Marbois
You can send an encrypted message to a non-ProtonMail user, but the easiest way is to also get your contacts to sign up for ProtonMail. Then all of the encryption is automatic and seamless.
I love ProtonMail, especially its simplicity. I have a question: is my mailbox password my private key?
Not exactly, but related.
Hello,
Anybody know how to get the public key of one of my ProtonMail contacts?
Tx.
Looking at the picture above, I am wondering if you, the ProtonMail staff, can read the metadata such as the subject header, the recipient, and the sender data?
We don’t encrypt subjects because it is not part of the OpenPGP standard. You can learn more here: https://protonmail.com/support/knowledge-base/does-protonmail-encrypt-email-subjects/
But you could anyway. When a raw mail comes in, encrypt the whole file, then decrypt and parse it when we want to read it. It would be so easy to encrypt the whole raw mail file, including the subject.
Sincere gratitude and thanks for pushing the envelope of privacy and becoming the true innovators. Your/our shared vision of securing privacy and promoting what should naturally be civil liberties is greatly respected and sincerely appreciated. During these tumultuous times it is refreshing to be on the right side of history. When it’s all said and done, the only true question will be how we as individuals made a positive impact in our lives. Did our lives make things better or worse for humanity? Did we help ease the suffering and push humanity to become better or not? Because at the end of the day, at the end of our time here on earth, we will be asked: did we help? Did we evolve as a species, or did we fail as a species? May Peace Prevail On Earth.
Hello,
Thank you again for the Development of Protonmail!
I just have a quick question: is an email sent through ProtonMail to another email provider using the same end-to-end encryption technology still secure (i.e. without using a shared passphrase in a link)?
It won’t have end-to-end encryption because the provider on the other end would be able to read that email.
Great, but it can only encrypt plain text.
Hi
I have been using ProtonMail for a couple of months and think it’s great! Thanks for the great work.
What I couldn’t find explained on your website so far (maybe I missed it?) was an explanation of the encryption “mechanics” when a ProtonMail user sends an email to an arbitrary other email address (say Gmail, to be specific). I understand that on your server the email is encrypted and that for two ProtonMail users the end-to-end encryption works perfectly fine. However, when the content of the email is actually transferred to a third-party email provider (say Gmail), I reckon this would need to happen in plain text (SMTP / non-encrypted), and could in principle be eavesdropped on by anyone. This is also confusing since it would imply that you too would need access to the unencrypted email content, at least at the moment when you send the content to the third-party email provider, contrary to what you claim.
Thanks, Matthias
Just saw that you provide the answer to my question in the knowledge-base:
https://protonmail.com/support/knowledge-base/what-is-encrypted/
https://protonmail.com/support/knowledge-base/encrypt-for-outside-users/
Apart from the last point: when I send an email from ProtonMail to, say, a Gmail address without “Encrypt for Outside” enabled, the email content would be transferred TLS-encrypted from the ProtonMail server to the Gmail server. But where does the TLS encryption take place? Is it performed locally on my computer and sent to your ProtonMail server (along with the AES-encrypted content stored on the ProtonMail server), which in turn forwards it to the Gmail server? In the other case, where the ProtonMail server performs the TLS encryption, I’d assume it would need access to the plain-text email content to do so.
When will existing users be able to change their RSA key to 4096-bit?
This will be possible closer to the end of this year.
It’s very long 🙁 New users have the ability to choose a 4096-bit key size when creating a new account :/ Please try to do it faster.
If I send a pdf document with PHI by just pressing SEND in protonmail to an email address that is supported by that person’s healthcare organization with whom they are employed, is it still secure?
Only if you use the encryption to non-ProtonMail users feature. Please read more about what is automatically encrypted in ProtonMail here: https://protonmail.com/support/knowledge-base/what-is-encrypted/
My phone is encrypted with another device. How do I find out the other device’s number?
How do I decrypt in order to read my messages in the event of a forgotten password?
Only if you remember the forgotten password. Unfortunately, we cannot help in this case, which is why it is very important to not forget the password you set for your ProtonMail account.
How do I get E2EE?
You have explained how the encryption works when both Bob and Alice use PKI but what happens if a Proton user wants to send email to an email system that does not use PKI (which must be the majority of email users today?)
When I test the email arrives unencrypted.
That sounds strange. Can you please contact our support team at https://protonmail.com/support-form and provide them with as many details as possible so they can check and assist you with this issue?
Are my attachments also encrypted? I’m working with an attorney and need to send unredacted medical documents to the attorney. My Adobe Pro is not working well. Takes too long to upload and download. Even to load a document from the local file.
The message body, and the attachments, are fully encrypted. Please read more details here: https://protonmail.com/support/knowledge-base/what-is-encrypted/
Thanks for providing information about privacy; I am very much informed by your site.
What kind of security is there when I send a message from a protonmail account to a gmail / hotmail account?
Hi Paul! Those messages are secured by TLS encryption in transit. At rest, the messages are secured on our servers with zero-access encryption, meaning we never have access to the message. However, Gmail or Hotmail would still be able to read your emails on the recipient’s end.
The world will give way to those who have goals and visions
How are “regular” (i.e. non-E2E-encrypted) emails stored? Can you access those? And what about the metadata? Can you see e.g. which banks, doctors, etc. I am communicating with?
Hi Andrea,
You can read more about which messages are encrypted and what ProtonMail stores here and about metadata here.
Hi, emails that I am sending to contacts (non-Proton emails) do not require a password to open the email and/or attachments. How do I fix this issue?
Hello Rivkah,
If you would like to password protect your emails to non-ProtonMail users, please follow the steps in this guide:
https://protonmail.com/support/knowledge-base/encrypt-for-outside-users/
Cheers
It would have been helpful to understand how the encryption keys are created and more about their operation. The article is just repetition that everything is ‘encrypted’ except between the parties. The article doesn’t explain how that is able to occur.
Hi Dan, that is a good suggestion. We will consider covering this in a future post.