Understanding End to End Encryption (E2EE)

End to End Encryption works on the principle of asymmetric encryption. It is a type of encryption where the messages are encrypted using a key value stored at the user level. In a simple sense, no outside agency or even the company providing the service won’t be able to intercept any messages or read it in any way.

The messages are stored only on the user’s devices communicating with each other & no information can be stored on any server. This type of encryption was typically designed to protect from hackers, eavesdroppers, telecom providers or any other third party services who store and sell information to others for profits.

What it means for users:

When a company says that their communication system uses End to End Encryption, it clearly means that it cannot hand over any of the text or messages of their customers to any authorities when they are asked for it. Why? Because they just don’t have it. No data can be saved on the servers of the service provider and the data which is on the server is times stamps of the messages or usually garbage.

Weakness:

1] Each user should have the public key of the person they are corresponding with. But if the attacker who can provide the public key can execute a MIMT attack (Man-In-The-Middle).

2] If either of the end points or let’s just say exit points where the user reads the messages is compromised even before the user reads it, the encryption becomes faulty.

To overcome these faults, the public key is usually signed by a reputed Certificate Authority (CA).

Additional Info:

The key used in E2E encryption is a long string of numbers which is unable to comprehend by a human since it’s the algorithm/software that generates it. You do not have to manually turn on anything to start using E2E encryption, the services that offer it will automatically turn it on for you.

End to End Encryption

We will be discussing which apps are best for privacy in another post but we certainly do not recommend using Google Allo or Telegram. These services do tell consumers that they use End to End Encryption but in reality, nobody knows. There are many debates in forums regarding this topic. In the end, it all comes down to how much you trust Google with their service.
Also for your info, even Gmail also stores all your text messages so good luck feeling safe using it.

Related: Best Messaging Apps for Privacy