Cyber Lingo: What is end-to-end encryption?

“What is end-to-end encryption?” is one of the top searched questions in cyber security this month. This is proof that average users are becoming more curious about security terms, like end-to-end encryption, as technology and security become easier to access.

Photo by Markus Spiske on Unsplash

Cryptography can be traced back thousands of years to 1900 BC when Egyptians used unusual hieroglyphics instead of ordinary ones to represent the dignities of noblemen. Nowadays, cryptography is used in the form of encryption on computers and storage devices to protect data. 

What is end-to-end encryption?

There are many different types of encryption: cloud storage, column-level, field-level, network-level, and so much more. But, the term that seems to be on everyone’s minds (per Google Trends) is end-to-end encryption. 

End-to-end encryption (E2EE) is a specific implementation of encryption that uses an encrypted communication circuit to provide an additional layer of security. In an end-to-end encrypted communication system, only the communicating users can read the messages. Even the service provider facilitating the communication cannot access the data.

Help your team learn more security terms with Click Armor’s gamified training. Schedule a call to learn more. 

Applications of end-to-end encryption

When will you see the term “encryption”?

End-to-end encryption is commonly associated with messaging apps and email services. Platforms like WhatsApp, Signal, and Telegram often boast about their end-to-end encrypted communication channels, assuring users that their conversations remain private.

When will you use encryption?

You’re likely using end-to-end encryption in your everyday life without even knowing it. Hopefully, your security team ensures any private conversations are protected via end-to-end encryption while you are using emails, messaging, virtual conferences, cloud data, and data sharing. 

Feel free to ask your security team which of your platforms offers end-to-end encryption so you can better learn where is best to host conversations where you want the utmost privacy, especially chats where you will be sharing customer data, financial information, or business data.

Real-Life Cases

End-to-end encryption is likely a popular search term due to Meta’s recent announcement that its messages and calls will now use end-to-end encryption. This guarantees only active users in a chat will have access to their conversation. Once this new update goes live, not even Meta employees will be able to access user conversations.

For example, once this is officially implemented, if you send a message on Facebook Messenger to a friend, no one else in the world will have access to it. This means if you both delete the conversation, it is gone and can never be recovered. 

The end-to-end encryption announcement by Meta is great news for privacy (imagine a Meta employee sitting in on all your in-person conversations), but raises concerns for online bullying and child harassment as keywords in inappropriate messages will no longer be able to be flagged.  

Other Terms

Other terms related to end-to-end encryption to know:

• Plaintext – Data that is not encrypted. 
• Ciphertext – Data that is encrypted. 
• Algorithms or Ciphers – The formulas used to code or decode encrypted data.
• Key – The variable that makes the algorithm/cipher unique. 
• Cryptography – Recoding information so that only the person a message was intended for can read it

End-to-end encryption emerges as a powerful ally in our digital age, providing a secure channel for communication in a world where privacy is often at risk. Understanding the significance of this term empowers you to make informed choices about the platforms you use at work and in your personal life. Stay tuned for the next installment of our Cyber Lingo series, where we’ll define another essential term in the world of cyber security. 

Scott Wright is CEO of Click Armor, the gamified simulation platform that helps businesses avoid breaches by engaging employees to improve their proficiency in making decisions for cyber security risk and corporate compliance. He has over 20 years of cyber security coaching experience and was creator of the Honey Stick Project for Smartphones as a demonstration in measuring human vulnerabilities.