What is End-to-End encryption?

Alexandre Helle
November 8, 2022

End-to-end encryption has become a tech buzzword in the past few years. Typically, seen in the same sentence as “privacy” and “data,” you probably guessed it has to do with protecting your data from unwanted eyes, but how it works might remain a mystery. Getting to know how end-to-end encryption works and what makes it different from other kinds of encryption will reveal why it’s considered the gold standard of data privacy.

What is Encryption?

Before diving into end-to-end encryption, let’s first start with encryption. Basically, encryption transforms readable information (such as a file) into an undecipherable state using a predetermined key (such as a password). If the encryption is symmetric, then this same key can be used to transform the data back into its original format (decryption). If it’s asymmetric, a different key must be used.

It might sound complicated, but picture this: you’re in middle school and trying to pass notes to your friend without fear of anyone snooping in on your conversation, so you create a secret code. You’ve just done a version of data encryption.

While a middle schooler’s encryption key might be limited in complexity and easily solved, modern data encryption techniques can create keys with billions upon billions of possible solutions. For example, AES-256, the industry standard for symmetric encryption, has 2^256 possible key combinations— that’s 1.15 quattuorvigintillion, a real number with 78 decimal digits! This would take the world’s fastest supercomputer over a billion years to crack.

What is End-to-End Encryption?

Let’s talk about email providers. Most of them use encryption-in-transit: your emails are encrypted as they travel from your device to a server, where they are decrypted and then encrypted again before traveling to the intended receiver. In some cases, the emails might also be encrypted-at-rest, meaning that it remains encrypted when stored on the email server.

However, even with all this encryption, your data isn’t necessarily safe. The company who owns the server that delivers your message also owns the key to open encrypted files stored on its server, so at any point your emails can be opened by them. In terms of covert middle school note-passing, this form of encryption would be the equivalent of passing an encrypted note across the classroom using the hands of fellow students who also know the key. You’d hope that they wouldn’t use the key to decipher the message before it got to its intended receiver, but when the note could contain some juicy piece of gossip they could use to their benefit, why wouldn’t they?

That’s where end-to-end encryption takes privacy to another level. With end-to-end encryption, data is encrypted on your device, and can only be decrypted by you and any intended recipients. With emails, for example, the company providing the service doesn’t have the key. To them, your data isn’t readable. Going back to the middle school metaphor, end-to-end encryption would be the equivalent of creating a key that only you and your friend have access to. Those helping you pass the note across the classroom could open your note and try to figure out what it said, but they would only see an incoherent jumble of letters. Taking away access to the encryption key means your message stays safe – making end-to-end encryption the most secure way to communicate online.

Who Uses End-to-End Encryption?

There are already several everyday services which use end-to-end encryption:

Signal, the popular messaging service, uses end-to-end encryption to allow users to privately exchange messages. While many don’t live in fear about their private messages, for those living in countries where governments surveil citizens online, Signal has become a protector of free speech.

1Password, an end-to-end encrypted password manager, allows users to safely store their credentials in an end-to-end encrypted ‘vault’ that only users can access. This service protects individuals from getting their login information stolen, defending against credential theft and impersonation.

Stealth has joined Signal and 1Password’s ranks by providing end-to-end encrypted cloud storage. Using Stealth, users are able to upload, search and access their most sensitive files knowing that only they have access to their data. Unlike other cloud storage providers which might encrypt data at rest and in transit, but still have access to the keys, Stealth is end-to-end encrypted. This ensures that your data remains 100% private and only accessible to you, as it should be.

Want to make sure you’re the only one who has the key that unlocks your data? Join the Stealth BETA today and experience the highest level of privacy for your most valuable documents.