What is end-to-end encryption and how does it work?

2 min
Tags: End-to-end encryption encryption SALSA20 Data decrypted Messenger Teleguard

End-to-end encryption should provide a certain level of security for the user, and also for the recipient. This means that the decryption of the data is the exclusive responsibility of the sender and receiver. No one else can decrypt them. There are now many providers that offer such a security measure on their platform. It is promised that no third parties have access to the data. This means not only chats and messengers, but also communication via audio and video or e-mails, or cloud storage.

Storing data in the cloud

Anyone who stores their data online wants to be sure that the content is optimally protected. This applies to photos from the last vacation as well as important documents. No one else should have access to these folders and files. Therefore, some protection is necessary. To ensure that this data does not remain unprotected on the network, protective measures are in place on the corresponding external servers. Equally important is a protected transmission path when the data is transferred from one device to another. This is exactly where end-to-end encryption comes into play.

Definition of end-to-end encryption

All messages and data are encrypted directly at the sender and only decrypted when requested by the recipient. In between, there is no access by third parties. Only the recipient and the sender hold the key.

This key is neither stored nor forwarded - it should also not be possible to calculate or otherwise derive it along the way. Otherwise it is not a real end-to-end encryption. It is all the more difficult to provide the recipient with exactly this key without third parties benefiting from it.

A face-to-face meeting is not possible for this. Therefore, a so-called public key infrastructure is used. This means that the recipient publishes a public key. This only allows the data to be encrypted, but not decrypted. This enables the sender to transmit encrypted data to the receiver. The private key is held by the recipient, who can use it to open this message. Thus, the exchange of keys is no longer a problem. But other challenges need to be solved. The question is, for example, whether the intended recipient is actually the right one. Without a central authority, however, this problem is difficult to solve. Access should only ever be granted to authorized users. Therefore, own software solutions are used for encryption.

Why is end-to-end encryption so popular?

Both business and privacy should always be equally protected and preserved. Unfortunately, there are many who are interested in exactly that. Again and again, there are corresponding attacks on the net. Attempts are often made to gain an insight into this potentially interesting data. In most cases, this happens directly during the transfer itself. Very often, however, it is the providers of these services that analyze the data in the background and examine it for a pattern. This makes it all the more important to be able to really rely on such services. The terms and conditions should therefore be closely examined.

There are also other encryption methods, such as SALSA20, which is used by TeleGuard, a secure messenger and alternative to WhatsApp.

To illustrate, it would take a supercomputer approximately 20,580,831,662 years to decrypt SALSA20.