- Privacy & Security
- Why End-to-End Encryption is Important for Privacy
Why End-to-End Encryption is Important for Privacy
By Nick Anderson No Comments 5 minutes
Since the early days of the internet, much of the efforts have been towards making it more private and secure. Sending data over several nodes on the public network presents certain challenges. Someone actively monitoring data could intercept and store it. It would not be secure if your username and password could be read in plain text by someone intercepting communication between you and the webserver. End-to-end encryption has changed web communication for the better. With end-to-end encryption, it is possible to send data like login information, photos, videos, audio over the internet without the risk of any third party intercepting it.
How Encryption Works
The goal of encryption is to establish a secure communication exchange between a client and web server or between two users. Without end-to-end encryption, data arrives at a server, and the encryption is stripped off, then forwarded to the destination.
Although encryption is present during transit, preventing a third party from intercepting the communication, the approach is not completely secure. The fact that the webserver can strip off the encryption and see the contents does not provide a certain level of confidence with regard to privacy.
Take HTTPS, for example. The protocol uses SSL/TLS encryption for authentication and data encryption. Most of the web today is using HTTPS to secure client-server communication. When you open an HTTPS-enabled website, it uses public-key encryption to encrypt data while it’s in transit. The web server uses its private key to decrypt the data packets. It’s a reliable way to ensure that you connect with the correct web server and that data transmission is not susceptible to eavesdropping.
Why End-to-End Encryption is Important
Although data is encrypted in transit, it is not secure against the webserver because it stores the messages to provide you with its service. Facebook Messenger, for example, uses HTTPS encryption for data transmission from the client to the webserver. But, Facebook always has access to your messages because encryption is implemented halfway.
End-to-encryption encryption makes it impossible for anyone but the receiver to decrypt the message. It uses public-key encryption, but instead of using the web server’s public key to encrypt messages, it uses the receiver’s public key. Doing so ensures that only the receiver has access to the data.
Privacy advocates have voiced support in favor of end-to-end encryption. Because in the age of surveillance and data retention, such technologies help protect privacy on the internet. Governments do not like the idea of citizens escaping their watchful eyes, and they are fighting to regain control. The pursuit of abolishing end-to-end encryption on popular chat apps has been centered around concerns over national security, but the fact is that governments cannot be trusted. End-to-end encryption gives users privacy on the web and lets them exchange messages without worrying about the state spying on them.
Examples of End-to-End Encryption
The use of end-to-end encryption is received as a positive sign and signals the service’s commitment to user privacy. Facebook Messenger today allows users to create a secret conversation that uses end-to-end encryption and self-destruct mechanism. Facebook has announced plans to introduce end-to-end encryption for all Messenger chats.
Today, several chat apps and other services use end-to-end encryption as the foundation for secure communication.
WhatsApp uses end-to-encryption to protect the communication of its 2 billion+ users, including audio and video calls. The feature is enabled by default.
Your friends use your public key to encrypt a message that only you can decrypt using your private key. Chat backups are stored on WhatsApp servers, but the service has no capability of peeking into them. WhatsApp has been a target of a major controversy this year, which prompted it to issue a detailed clarification. Still, for all intents and purposes, WhatsApp remains one of the secure messaging apps.
Signal is one of the lesser-known but more privacy-focused chat app that saw a surge in users during the WhatsApp controversy. And for a good reason. Signal uses the Signal protocol – an open-source protocol vetted by security experts. It relies on end-to-end encryption for all types of communication.
It has the seal of approval from whistleblower Edward Snowden.
More common cloud storage providers like Google Drive and OneDrive use encryption for transit only. In contrast, Internxt offers a truly end-to-end encrypted file storage platform that only you can access. It stores your data in encrypted form and into fragments, so there is never one file on a central server.
FastestVPN and Internxt have entered into a partnership to give you more value. Every FastestVPN subscription comes with 1 year of 2TB Internxt cloud storage for free.
As a secure email provider, Tutanota delivers a service that has no knowledge of the contents of your emails, even your passwords are hashed before being sent to the server for maximum security.
Such attention to privacy and security makes Tutanota much safer, especially when a big platform like Gmail has admitted to granting advertisers access to user emails.
The bottom line is that end-to-end encryption is essential for protecting privacy on the internet. While not every service has implemented it, the future may be promising. The push for end-to-end encryption as a standard for messaging apps is something we can all get behind.