Typical communication is unencrypted. This means that the data, the contents of the message, could be read by anyone who has access to them at any point in their journey to the recipient. Maybe your internet connection is compromised and someone can see all the data that comes and goes from your connection. Maybe it’s the servers of the service that are compromised or maybe your Internet Service Provider is compromised. Your data passes through all those different networks and servers so it is theoretically possible that someone with access to them could read your messages.

End to end encryption is what it says on the label, it’s encrypted. When two users have a chat with each other, an encryption key is generated that only their devices have. This encryption key is used to encrypt and then decrypt the data on either end. Without it the encrypted data makes no sense to anyone who may have access to them and is next to impossible to decrypt without the encryption key. This means that even if for example someone has access to my messenger account, and he has it open on a computer, he still won’t be able to see my end to end encrypted chat that I have with someone through my phone, since only my phone and their phone have the encryption keys. That’s why it’s called end to end. A channel of communication may still be encrypted but not necessarily end to end.

End to end encryption offers significant security and privacy benefits but it’s not unbeatable. If someone up to no good wants access to your data there’s always ways they can get it. The weakest points are obviously the devices themselves. If malicious software that gathers your data is installed without your knowledge on your device it can simply read the decrypted messages and bypass the need to decrypt entirely. If someone has access to the encrypted data they may still be able to decrypt it if the method of encryption is weak or if they have the ability to brute force it with a suitable system. Lastly there’s the question of whether the providers of those services themselves are honest about their encryption. What’s App or Messenger may say their messages are end to end encrypted but that doesn’t necessarily mean that’s the case, in which case it poses a huge vulnerability.

Simply put, End to End encrypts the data on the sender’s device, and it is decrypted on the receiver’s side when it arrives, so it stays encrypted for the whole journey. The only way to decrypt the message is by using the key that only the receiver device has.

Not to be confused with Link Encryption, which works similarly but is able to also encrypt the headers where the routing information is located (IP addresses, MAC addresses, etc). End to End Encryption does not do that; it encrypts the data itself, but not the header.

Simply put, End to End encrypts the data on the sender’s device, and it is decrypted on the receiver’s side when it arrives, so it stays encrypted for the whole journey. The only way to decrypt the message is by using the key that only the receiver device has.

Not to be confused with Link Encryption, which works similarly but is able to also encrypt the headers where the routing information is located (IP addresses, MAC addresses, etc). End to End Encryption does not do that; it encrypts the data itself, but not the header.

Typical communication is unencrypted. This means that the data, the contents of the message, could be read by anyone who has access to them at any point in their journey to the recipient. Maybe your internet connection is compromised and someone can see all the data that comes and goes from your connection. Maybe it’s the servers of the service that are compromised or maybe your Internet Service Provider is compromised. Your data passes through all those different networks and servers so it is theoretically possible that someone with access to them could read your messages.

End to end encryption is what it says on the label, it’s encrypted. When two users have a chat with each other, an encryption key is generated that only their devices have. This encryption key is used to encrypt and then decrypt the data on either end. Without it the encrypted data makes no sense to anyone who may have access to them and is next to impossible to decrypt without the encryption key. This means that even if for example someone has access to my messenger account, and he has it open on a computer, he still won’t be able to see my end to end encrypted chat that I have with someone through my phone, since only my phone and their phone have the encryption keys. That’s why it’s called end to end. A channel of communication may still be encrypted but not necessarily end to end.

End to end encryption offers significant security and privacy benefits but it’s not unbeatable. If someone up to no good wants access to your data there’s always ways they can get it. The weakest points are obviously the devices themselves. If malicious software that gathers your data is installed without your knowledge on your device it can simply read the decrypted messages and bypass the need to decrypt entirely. If someone has access to the encrypted data they may still be able to decrypt it if the method of encryption is weak or if they have the ability to brute force it with a suitable system. Lastly there’s the question of whether the providers of those services themselves are honest about their encryption. What’s App or Messenger may say their messages are end to end encrypted but that doesn’t necessarily mean that’s the case, in which case it poses a huge vulnerability.

It means that the message is encrypted on your phone and decrypted only at the receiver’s phone. Crucially, only the two ends have the decryption key, so it CANNOT be decrypted by the server.

This is in opposition to something like e-mail where your email is encrypted on your phone but decrypted at the email server (Gmail, etc).

The way modern encryption works is that the receiver has a private key (say two very large numbers) and they send out a public key (say the product of those two numbers). You can encrypt the message with the public key, but to decrypt it you need the private key. This works because it’s trivial to multiply two large numbers together, but it’s enormously expensive to factor the product of two large primes (until quantum computers come into their own).

If Alice wants to send a message to Bob, Bob can send her his public key. Alice can then encrypt whatever she wants to say to Bob and send it back. Alice may have to send her message through lots of people, but they can’t read it without Bob’s private key. This is end-to-end encryption – nobody along the way can read it.

Of course, maybe facetergram is sitting between Alice and Bob, and the message goes through them. Facetergram may say “hey, use my public key”, then Alice sends a message to facetergram, then facetergram decrypts it, then re-encrypts it with Bob’s public key and sends it off. In this world, Alice doesn’t need to know Bob’s key (convenient!), but facetergram can now read Alice’s message if they want to. This is not end-to-end, since the message gets read in the middle.

Incidentally, this is why I think a lot of the law enforcement efforts are colossally stupid. If I’m a criminal, I’ll just call up Bob and say “hey, Bob, what’s your public key?” Then nobody in the middle can read the message. The software to do this isn’t hard – I had to do it for a single homework assignment as an undergraduate. Letting facetergram decrypt your messages is an enormous security hole (what happens if they get hacked?), but if I’m a criminal I’d send messages in a way that they couldn’t read. So, only legitimate users (or really dumb criminals) can have their messages read, at the price of potentially disastrous leaks.

It means that the message is encrypted on your phone and decrypted only at the receiver’s phone. Crucially, only the two ends have the decryption key, so it CANNOT be decrypted by the server.

This is in opposition to something like e-mail where your email is encrypted on your phone but decrypted at the email server (Gmail, etc).

It means that the message is encrypted on your phone and decrypted only at the receiver’s phone. Crucially, only the two ends have the decryption key, so it CANNOT be decrypted by the server.

This is in opposition to something like e-mail where your email is encrypted on your phone but decrypted at the email server (Gmail, etc).

Thank you for the replies.

Assuming the companies do what they claim, then is messaging through WhatsApp the same as Signal?

The way modern encryption works is that the receiver has a private key (say two very large numbers) and they send out a public key (say the product of those two numbers). You can encrypt the message with the public key, but to decrypt it you need the private key. This works because it’s trivial to multiply two large numbers together, but it’s enormously expensive to factor the product of two large primes (until quantum computers come into their own).

If Alice wants to send a message to Bob, Bob can send her his public key. Alice can then encrypt whatever she wants to say to Bob and send it back. Alice may have to send her message through lots of people, but they can’t read it without Bob’s private key. This is end-to-end encryption – nobody along the way can read it.

Of course, maybe facetergram is sitting between Alice and Bob, and the message goes through them. Facetergram may say “hey, use my public key”, then Alice sends a message to facetergram, then facetergram decrypts it, then re-encrypts it with Bob’s public key and sends it off. In this world, Alice doesn’t need to know Bob’s key (convenient!), but facetergram can now read Alice’s message if they want to. This is not end-to-end, since the message gets read in the middle.

Incidentally, this is why I think a lot of the law enforcement efforts are colossally stupid. If I’m a criminal, I’ll just call up Bob and say “hey, Bob, what’s your public key?” Then nobody in the middle can read the message. The software to do this isn’t hard – I had to do it for a single homework assignment as an undergraduate. Letting facetergram decrypt your messages is an enormous security hole (what happens if they get hacked?), but if I’m a criminal I’d send messages in a way that they couldn’t read. So, only legitimate users (or really dumb criminals) can have their messages read, at the price of potentially disastrous leaks.