What Is End-to-End Encryption - Communication No One Else Can Read
End-to-end encryption (E2EE) is an encryption method where only the sender and recipient can read the message content. Servers along the communication path, Internet Service Providers, and even the service provider itself cannot decrypt the encrypted messages.
With standard TLS/HTTPS encryption, traffic between the client and server is encrypted, but data is decrypted on the server for processing. This means the service provider can access message content. E2EE solves this problem by ensuring messages remain encrypted even as they pass through the server.
How E2EE Works - Public-Key Cryptography and Key Exchange
E2EE is built on public-key cryptography. Each user holds a "public key" and a "private key" pair; data encrypted with the public key can only be decrypted with the corresponding private key.
Basic Encryption Flow
- Alice and Bob each generate a public-private key pair
- Alice obtains Bob's public key (distributed via the server)
- Alice encrypts her message with Bob's public key and sends it
- The server relays the encrypted message to Bob as-is (it cannot decrypt it)
- Bob decrypts the message with his private key and reads it
In practice, messaging apps use a hybrid approach for performance: the message body is encrypted with a symmetric cipher like AES, and that symmetric key is then encrypted with public-key cryptography.
The Signal Protocol - The Modern E2EE Standard
The Signal Protocol (formerly the Axolotl Protocol) is the most widely adopted E2EE protocol today. It combines the following technologies:
- X3DH (Extended Triple Diffie-Hellman): The initial key exchange protocol. It allows asynchronous key exchange even when the other party is offline
- Double Ratchet Algorithm: Rotates encryption keys with every message. Even if a past key is compromised, subsequent messages remain secure (forward secrecy)
- Sesame Algorithm: Manages sessions across multiple devices
The "ratchet" in Double Ratchet refers to a gear that turns in only one direction. The encryption key always moves forward and can never go back. This means that even if a key at a given point is leaked, past messages remain protected.
E2EE Support Across Major Messaging Apps
The scope and implementation of E2EE varies significantly across messaging apps.
| App | E2EE Scope | Protocol | Metadata Protection |
|---|---|---|---|
| Signal | All communications (default) | Signal Protocol | Sealed Sender hides the sender |
| All communications (default) | Signal Protocol | Metadata collected by Meta | |
| LINE | 1-on-1 chats (Letter Sealing) | Proprietary (ECDH + AES) | Limited |
| Telegram | Secret Chats only (manual) | MTProto 2.0 | Regular chats lack E2EE |
| iMessage | Between Apple devices (default) | Proprietary (RSA + AES) | iCloud backup is a concern |
A critical detail: LINE's E2EE (Letter Sealing) does not apply to group chats. And while Telegram is marketed as a "secure messenger," E2EE is not enabled by default - you must manually start a Secret Chat. See also our guide on choosing a secure messenger.
Limitations and Misconceptions of E2EE
E2EE is powerful, but it is not a silver bullet. Understanding its limitations is essential.
Metadata Is Not Protected
E2EE encrypts message content, but it does not protect metadata: who communicated with whom, when, and how often. Metadata alone can reveal relationships, behavioral patterns, and locations. Signal's Sealed Sender partially addresses this, but a complete solution remains elusive.
Endpoint Vulnerabilities
E2EE protects the communication channel, but if the device itself is compromised, it is meaningless. Spyware on a smartphone can capture decrypted messages via screen capture or keylogging. NSO Group's Pegasus spyware is notorious for bypassing E2EE through this approach.
Backup Encryption
When chat history from WhatsApp or iMessage is backed up to the cloud, the backup itself may not be E2EE-protected. WhatsApp introduced end-to-end encrypted backups in 2021, but the feature is off by default. iCloud backups are similarly accessible to Apple unless Advanced Data Protection is enabled.
Key Verification
E2EE security depends on the authenticity of the other party's public key. A man-in-the-middle (MITM) attack where the server distributes a fake public key is theoretically possible. Signal and WhatsApp allow you to verify key authenticity by comparing "safety numbers" or "security codes" in person. This is the same trust problem addressed by digital certificates.
E2EE and Email Encryption
Unlike messaging apps, E2EE adoption in email remains low. Standard email (SMTP) is sent in plaintext, and TLS encryption between servers is optional.
The two main approaches to encrypted email are:
- PGP/GPG: Encrypts email body using public-key cryptography. Key management is complex, making it impractical for most users
- S/MIME: Uses digital certificates for email encryption. Common in enterprise environments but rare for personal use
Services like ProtonMail and Tutanota implement email E2EE through proprietary mechanisms, but full E2EE only works between users of the same service.
Using E2EE Effectively
To maximize the benefits of E2EE, understand both its mechanics and its limits. Choose the right app and strengthen your device security alongside it. If privacy is your top priority, use Signal. For a balance of convenience and security, WhatsApp is solid. For domestic communication in Japan, enable LINE's Letter Sealing but avoid sharing sensitive information in group chats. To see what information your connection currently exposes, check your IP address and run a DNS leak test at IP確認さん.
For a deeper dive into encryption technology, cryptography books are an excellent resource.