This week, we will look at a concept in cryptography you may well have heard of: end-to-end encryption (E2EE). It has become a talking point because it is now employed by messaging apps, such as Whatsapp and Facebook Messenger.
What is end-to-end encryption?
E2EE is a way to describe a method of communication that only allows the intended recipients of a message to read it — no one else can see the messages.
In many communications systems, those using the service have to trust the service provider with the information being sent. While the information is secure from being seen by others, the server (or third party) must be trusted; this problem is overcome by end to end encryption. In the last year, E2EE has been adopted by companies like WhatsApp and it is regarded as safer because the number of people (or parties) that are able to read the information is lower.
Is end to end encryption enough?
E2EE does stop the service provider from being able to read the messages that are sent using their service. However, this does not stop all attacks. We can think of the messaging system like the postal service: messages are letters in this case. Even if the postal system is totally secure it is only as secure as the mailbox at the end of the service. If someone can unlock your mailbox, where the post is delivered to, then they can read anything they want. The same holds true for E2EE. If someone can get into your phone, or computer, then they can read what they like — end to end encryption cannot stop this.
Therefore, end-to-end encryption does help, but it is not the overall solution to all possible security threats.
This article was written by David Butler, one of the course creators and teachers at Oxbridge Inspire. David is studying for a PhD at the Alan Turing Institute in London.
Oxbridge Inspire delivers innovative STEM education and provides guidance and inspiration to young people wishing to pursue STEM subjects at University and beyond. To find out more about Oxbridge Inspire and the courses and activities we offer, visit our website.