End-to-end encryption is a method of transmitting data where only the users communicating can access and read the messages. By using cryptographic keys that only the users have control over, no eavesdroppers can decrypt the message, not even the servers that transmit the data.
What is not End-to-End Encryption?
To have a clear picture of what end-to-end encryption is, we must first understand what is not end-to-end encryption. You might have heard about encryption being used by websites to protect our online activities. For example, when you visit https://www.gmail.com, the HTTPS in front of the URL denotes that SSL/TLS protocols are used to encrypt the data transferred between your computer and Gmail’s servers. This protocol is much more secure than HTTP (no “S” = not secure) and is widely adopted by websites to protect against eavesdroppers. The downside to relying solely on HTTPS, however, is that when two users are communicating with each other through a centralized server (such as Gmail), the server has the keys to decrypt the data. In order to prevent centralized services from intruding on our privacy, we can adopt end-to-end encryption.
How End-to-End Encryption Works
In end-to-end encryption, the endpoints refer to the sender and intended receiver’s devices. The message is encrypted locally on the sender’s device and can only be decrypted by the receiver on his device. End-to-end encryption is often referred to as “client-side encryption” and “zero access” due to the fact that encryption and decryption happen only on the users’ devices and not on central servers. Because of this characteristic, end-to-end encryption prevents centralized servers from reading user data. In order to implement end-to-end encryption, two types of cryptographic algorithms are used: symmetric and asymmetric.
Symmetric-key encryption is what we typically think of when we want to “lock” a message. The basic idea is that the sender generates a key that turns the message into ciphertext, an encrypted version of a message and sends the ciphertext to the receiver. The key is shared with the recipient through another secure channel so he can decrypt the ciphertext.
To illustrate how symmetric cryptography works in the real world, we’ll take a look at how an end-to-end encrypted email is sent from a ProtonMail email address to non-ProtonMail email addresses. In this case, you have to set a password for the message and share it with your recipients. The recipients receive an email with a link that takes them to a ProtonMail page where the ciphertext resides. Finally, the recipients enter the password you set for the message and the message is decrypted locally on their computer. In this Encrypt for Outside Users feature, the password never leaves the sender’s computer or comes to ProtonMail, so no one else can decrypt the message.
A major hassle with symmetric cryptography is that you have to find a way to securely share the key with your recipient (If an eavesdropper was able to get the ciphertext AND the key, the message would be compromised). If only there was a way to publicly share your key with anyone who might want to communicate with you, without fear of compromising your encrypted messages…
Invented in the 1970’s, asymmetric encryption solves the problem with 2 user generated keys – a public key and a mathematically related private key. The public key can be broadcasted to the world while the private key should never be revealed. The sender uses the receiver’s public key to encrypt a message into ciphertext and then sends it to the receiver. The ciphertext can only be decrypted with the receiver’s private key, protecting the message from eavesdroppers, even if they have the public key.
As a real world example of how this works, consider how email is sent between ProtonMail users, which is always automatically end-to-end encrypted. Invisible to the users but nevertheless happening all on the users’ devices, public keys of recipients are used to encrypt the message while private keys, which are only accessible to the users with the correct mailbox password, are used to decrypt data. Since ProtonMail does not have users’ mailbox passwords, even ProtonMail cannot decrypt user data. In addition, the beauty of asymmetric encryption allows ProtonMail to automatically encrypt incoming emails from the outside, such as from Gmail, using the users’ public keys so that the data is stored encrypted.
Advantages of End-to-End Encryption
End-to-end encryption provides the ultimate peace of mind for privacy-conscious users. You no longer have to give up control of your privacy and be forced to trust internet services that might:
- Insufficiently protect your data, leaving your personal information at risk to hackers, governments, and other entities.
- Scan and share your data to generate profit, advertising, and research without your consent or best interests in mind.
Why have I not used it before!?
Despite the technology having been around for decades, end-to-end encryption hasn’t been widely adopted for several reasons. First, it is against the interest of centralized service providers to support end-to-end encryption if their business model depends on advertising and invading users’ privacy. Secondly, end-to-end encryption has traditionally been difficult to use. In the email space, for example, PGP/GPG enables asymmetric encryption but requires users to exchange and manage keys, which can be confusing even for the tech-savvy. Despite these challenges, the importance of end-to-end encryption will only grow as more of our lives are tethered to the internet and more technology is developed to record and take advantage of our data.
At ProtonMail, we are making end-to-end encryption easy to use for everyone because we believe privacy matters. We have made the cryptography invisible to the user so that even if you didn’t understand anything from above, you can still use ProtonMail. Sign up for your end-to-end encrypted email account here.
To learn more about email privacy, watch our TED talk here.