What is end-to-end encryption (E2EE)?

End-to-end encryption ensures secure communication between two partners. The encryption and decryption of the transmitted information are performed directly by the two communication partners. Other stations involved in the transmission cannot access the information.

End-to-end encryption is abbreviated E2EE. It enables the secure exchange of information between two communication partners. All transmitted information is encrypted by the sender and decrypted only by the receiver. Over the entire transmission path, the data is available only in encrypted form. Third parties such as intermediate stations or service providers cannot access the content. The only information available to them is the control information needed to forward or route the encrypted data.

Various cryptographic methods, such as symmetric encryption or asymmetric encryption with public and private keys, are used for encryption. End-to-end encryption reliably prevents eavesdropping on messages. Its counterpart is point-to-point encryption. With that method, the information is encrypted only on individual sections of a transmission route. At intermediate stations, it is always available in unencrypted plain text and can be viewed by third parties.

How end-to-end encryption works

As a rule, end-to-end encryption uses symmetric or asymmetric encryption methods. With symmetric methods, the two communication partners are in possession of a secret key, which they use to encrypt and decrypt the data. If the secret key comes into the possession of an unauthorized person, this person can also encrypt and decrypt all data. For two communication partners to be able to exchange end-to-end encrypted data using the symmetric method, they must have agreed on and exchanged the secret key beforehand.

Asymmetric encryption uses public and private keys. The public key of a communication partner A is accessible to everyone. However, data encrypted with a public key can only be decrypted with the associated private key, which is known only to communication partner A. This procedure is also known as public-key encryption. It offers the advantage that secret keys do not have to be exchanged before communication, and private keys always remain local to a communication partner. With this method, it must be ensured that nobody can slip in a false public key in place of the genuine one. This is ensured by the public key infrastructure (PKI), certification authorities (CA) and digital certificates.
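
The following added example (not part of the original article) runs the mechanism described above in Node.js: an asymmetric key agreement gives both partners the same symmetric key, and the station in between sees only routing information and ciphertext. The algorithm choices (X25519, HKDF-SHA-256, AES-256-GCM), all function names, and the fingerprint comparison that stands in for the PKI check are assumptions of this example.

```javascript
// Added example, not from the original article. All names are hypothetical.
const crypto = require('crypto');

// Each partner generates an X25519 key pair; the private key stays on the device.
const newPartner = () => crypto.generateKeyPairSync('x25519');

// Fingerprint of a public key, compared over a separate channel to spot a false key.
const fingerprint = (publicKey) => crypto.createHash('sha256')
  .update(publicKey.export({ type: 'spki', format: 'der' })).digest('hex');

// Asymmetric step: own private key + peer public key give both sides the same secret,
// from which HKDF derives the symmetric AES-256 key. No secret key is transmitted.
function sessionKey(ownPrivate, peerPublic) {
  const shared = crypto.diffieHellman({ privateKey: ownPrivate, publicKey: peerPublic });
  return Buffer.from(crypto.hkdfSync('sha256', shared, Buffer.alloc(0), 'e2ee-demo', 32));
}

// Sender: the content is encrypted; routing stays readable but is authenticated (AAD).
function seal(key, routing, text) {
  const iv = crypto.randomBytes(12);
  const c = crypto.createCipheriv('aes-256-gcm', key, iv);
  c.setAAD(Buffer.from(routing));
  const body = Buffer.concat([c.update(text, 'utf8'), c.final()]);
  return { routing, iv, body, tag: c.getAuthTag() };
}

// Receiver: throws if routing, body or tag were altered on the way.
function unseal(key, msg) {
  const d = crypto.createDecipheriv('aes-256-gcm', key, msg.iv);
  d.setAAD(Buffer.from(msg.routing));
  d.setAuthTag(msg.tag);
  return Buffer.concat([d.update(msg.body), d.final()]).toString('utf8');
}

// Constructed demo run: what the intermediate station sees versus what the receiver gets.
function demo() {
  const alice = newPartner(), bob = newPartner();
  const bobFingerprint = fingerprint(bob.publicKey); // confirmed out of band
  if (fingerprint(bob.publicKey) !== bobFingerprint) throw new Error('false public key');
  const msg = seal(sessionKey(alice.privateKey, bob.publicKey), 'to:bob', 'meet at noon');
  const relayView = { routing: msg.routing, body: msg.body.toString('hex') };
  const received = unseal(sessionKey(bob.privateKey, alice.publicKey), msg);
  return { relayView, received };
}
```
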

The different areas of application of end-to-end encryption on the Internet

End-to-end encryption is used in various areas of Internet communication. For example, popular chat applications such as WhatsApp, Apple iMessage, Telegram or Threema use E2EE. In e-mail traffic, OpenPGP and S/MIME are common methods for end-to-end encryption. To exchange encrypted e-mails, the e-mail clients on the end devices involved must support the encryption method used.

The transmission of data from Internet pages between a server and a client can be secured using HTTPS (Hypertext Transfer Protocol Secure). HTTPS ensures end-to-end encrypted connections between the web server and the web browser. Encryption is provided by SSL/TLS (Secure Sockets Layer/Transport Layer Security), which is inserted between HTTP and the TCP transport protocol.