End-to-end encryption is based on asymmetric encryption. It encrypts data so that only the sender and recipient can read it.
- What is Encryption?
- Why Encryption?
- Why Encryption Is Safe
- Key Terms
- An Overview of Encryption
- Symmetric vs. Asymmetric Encryption
- End to End Encryption
- Using End-to-End Encryption
- How the Web Uses Encryption
What is Encryption?
Every time you send private data to another computer or server over the internet, you run a risk. It’s like Little Red Riding Hood being sent to her grandmother’s house across the woods. Those woods, which she must cross alone, are full of dangers.
When you send data packets like voice calls, chats, emails, or credit card numbers over the internet, they become vulnerable to threats like theft. The unknown servers, routers and devices they pass through are open to hacking by any government agency or rogue agent. Encryption protects your data.
Why Encryption?
“Do I need encryption?” you may wonder. Not always, but probably. Encryption may be required less often than it is used, but that is how security works. It also depends on the data you’re sending. End-to-end encryption is useful if you have sensitive data to protect.
Many users do not need encryption for WhatsApp and other messaging apps. But we all need encryption when doing online banking or shopping. Encryption happens without your knowledge, and most people don’t care when or how their data is encrypted.
Why Encryption Is Safe
Encryption scrambles data so that anyone intercepting it cannot read, understand, or make sense of it. Only the intended recipient can “unscramble” the data. By the time it reaches them, the scrambled data has been restored to its original form. This latter step is decryption.
Key Terms
Bring on the glossary. Plain text is unencrypted data. Ciphertext is encrypted data. Encryption algorithms are computer programs that work on data to scramble it.
The algorithm scrambles the plain text with an encryption key, and the algorithm requires the right key to decrypt the data. Only the keyholder has access to the original data. The key is a long string of numbers that the software handles for you.
SSL, or its updated version Transport Layer Security (TLS), is the web-based encryption standard. When you enter data such as personal details, passwords, and credit card numbers on a site that offers data encryption, there are indicators of security and safety.
An Overview of Encryption
Before the digital age, encryption was known as cryptography and was used for millennia. Complicating hieroglyphs prevented lower-level Egyptians from understanding privileged information. The first book on modern, scientific encryption was written by Arab mathematician Al-Kindi in the Middle Ages. Allied efforts to “decrypt” Nazi communications brought the craft to a new level during WWII.
Germany developed the first end-to-end encrypted instant messaging and calling apps: Telegram and Threema.
Symmetric vs. Asymmetric Encryption
An example of how encryption works: Tom wants to message Harry privately. The message is encrypted using an algorithm and a key. The algorithm is public, but the key is a secret kept between Tom and Harry. A hacker intercepting the message in ciphertext cannot decrypt it back to the original message without the key.
Symmetric encryption uses the same key to encrypt and decrypt. The problem is that both legitimate parties need the key, which means sending it from one side to the other may compromise it. So it isn’t always effective.
Asymmetric encryption is the solution. Each party has two keys: a public key and a private key. Both parties and anyone else have access to the public keys because they exchange them before communicating. Tom encrypts the message with Harry’s public key, which can only be decrypted with Harry’s public and private keys.
This private key belongs only to Harry; not even Tom, the sender, has it. Because the private key is never sent, no one else can decrypt the message.
End to End Encryption
End-to-end encryption is an application of asymmetric encryption. It protects data so that only the sender and recipient can read it. Other parties such as hackers, governments and servers cannot read the encrypted data.
End-to-end encryption entails other details. Consider two WhatsApp users chatting. Their data is routed through a WhatsApp server between users. Other services encrypt data during transfer but only protect it from outsiders like hackers. The service can intercept and use data on their servers. They may give the data to third parties or law enforcement.
End-to-end encryption keeps data encrypted, even at the server. So, even if they wanted to, the service couldn’t intercept or use the data. Even with authorization, law enforcement and governments cannot access the data. No one can, except the two parties at each end.
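The Tom-and-Harry exchange and the server-in-the-middle case described above, as an added example that is not part of the original article. It uses RSA-OAEP from Go's standard library as a stand-in for whatever protocol a real messaging service uses; the names `Relay`, `newKey` and `Demo` are hypothetical, and the message is constructed sample data.

```go
package main

import (
	"bytes"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"fmt"
)

// Relay models the server between Tom and Harry (hypothetical type): it
// stores and forwards bytes but holds neither user's private key.
type Relay struct{ Stored [][]byte }

func (r *Relay) Forward(ct []byte) []byte {
	r.Stored = append(r.Stored, ct)
	return ct
}

func newKey() *rsa.PrivateKey {
	k, err := rsa.GenerateKey(rand.Reader, 2048)
	if err != nil {
		panic(err)
	}
	return k
}

// Demo reports whether Harry recovered msg, whether the relay's stored copy
// contains the plaintext, and whether the relay's own key can decrypt it.
func Demo(msg []byte) (harryReads, relaySeesPlain, relayDecrypts bool) {
	harry, server, relay := newKey(), newKey(), &Relay{}
	// Tom needs only Harry's public key to encrypt.
	ct, err := rsa.EncryptOAEP(sha256.New(), rand.Reader, &harry.PublicKey, msg, nil)
	if err != nil {
		panic(err)
	}
	// Harry decrypts what the relay delivers, using his private key.
	pt, err := rsa.DecryptOAEP(sha256.New(), rand.Reader, harry, relay.Forward(ct), nil)
	harryReads = err == nil && bytes.Equal(pt, msg)
	relaySeesPlain = bytes.Contains(relay.Stored[0], msg)
	_, err = rsa.DecryptOAEP(sha256.New(), rand.Reader, server, relay.Stored[0], nil)
	relayDecrypts = err == nil
	return
}

func main() {
	fmt.Println(Demo([]byte("meet at noon"))) // true false false
}
```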
Using End-to-End Encryption
The user does not initiate end-to-end encryption. Web security is handled by encryption services and software.
For example, your browser has end-to-end encryption tools that kick in when you do something online that requires data security. Consider what happens when you pay with your credit card online. Your computer must send the credit card number. With end-to-end encryption, only you and the merchant’s computer can see this number.
How the Web Uses Encryption
The URL begins with https:// instead of http://, the s standing for secure. On the page is an image of Symantec (owner of TLS) and TLS. When clicked, a pop-up verifies the site’s authenticity. Websites can use digital certificates from Symantec to encrypt.
End-to-end encryption protects voice calls and other media. Using these apps provides you with encryption privacy.
The above description of end-to-end encryption simplifies the concept. In practice, there are multiple standards and protocols. Encryption is a lifelong pursuit.