What is end to end encryption?

With the recent roll out of end to end encryption by Whatsapp, the largest messaging service, everyone has been talking about it. The FBI vs Apple battle over privacy debate is a minor one if one sees the implementation of end to end encryption in an online messaging application. There are a ton of companies that brag about their services are encrypted. What this means is that the messages being sent using the communication platform are secure and hackers cannot read them if they somehow manage to get in the middle of the two people communicating. That is, even if someone gets access to the channel being used by the people communicating, for example your network administrator (or any other person who has access to your network, commonly known as man in the middle attack), they cannot read the contents of the message being sent.

Encryption, what?

It is the process of encoding information in such a way ensuring that only authorized people can understand (or read) it. The process involves a key, which is used to encrypt the data. The key is responsible for encrypting the data into an encoded message, and depending on the type of encryption, only a specific key can be used to decrypt the message to its original form.

What is the advantage of end to end encryption?

- Advertisement -

End to end encryption is a form wherein only people who are communicating have the keys to decrypt the messages. No eavesdropper can have access to these keys, and not even the company that is running the platform. Therefore, no hacker, or any government organization can stand over the organization’s shoulder and make them decrypt the messages. Technically, it is not impossible, but end to end decryption is one of the safest ways to ensure privacy. This also gives a blow to government authorities like FBI who try and pressure the messaging platforms to decrypt the message. The company’s servers do not have any information about the messages being sent and they only act as puppets passing a message without really knowing what it means. The keys never leave the user’s device and hence the server can never know anything about it. Many people might be confused that the keys must be interchanged at least once, but that does not happen at all, thanks to public key encryption. A pair of private and public keys are generated. The public key can be shared with everyone. Messages encrypted using the public key, can only be decrypted using the private key (the combination of keys is made such, thanks to mathematics). Hence no one can understand what messages were send until they have the key. Hence end to end encryption makes your privacy a top concern.

whatsapp-security[1]

 

For those who are still confused about public key encryption, here’s a video explaining it:

Of course there are workarounds to everything in technology. Example, Apple uses end to end encryption in iMessages, but it also backs it up to iCloud, which makes use of a different key. Hence they can access your messages if they are pressurized to. Other ways of breaking in can be a man in the middle attack, or attacking the ends. After all a mail is only as secure as are the mailboxes receiving the emails.

But overall, WhatsApp has taken a huge step by partnering with Open Whisper Systems to implement end to end encryption across all the platforms it supports. And the move makes the process of decrypting WhatsApp messages require extraordinary measures.

Recent Articles

How to debug better using $ sign shortcuts in Chrome devtools

Chrome devtools has a collection of utilities that can be used to perform common debugging tasks and make our life easier. The...

Deep copying in JavaScript using structuredClone

For as long as anyone can remember, deep copying in JavaScript was not a built-in feature and we had to resort to...

Chrome devtools: Using logpoints for logging messages directly

When it comes to debugging JavaScript in Chrome devtools, there are two different camps: the console.log fans and the debugger/breakpoint maximalist. I...

How to prevent npm install for unsupported Node.js versions

npm configurations allow us to do quite a lot of nifty things. One of them is to allow the project to set...

How to terminate a process on a port using the command line

Zombie processes are usually a pain to figure out. More often than not, I end up googling about how to terminate a...

Related Stories

Leave A Reply

Please enter your comment!
Please enter your name here

Hi there! Want some more knowledge?

Think that the knowledge shared is helpful? You might want to give our mailing list a try. We'll send you 2-4 emails a month, right when new posts come out.

Hi there! Want some more knowledge?

Think that the knowledge shared is helpful? You might want to give our mailing list a try. We'll send you 2-4 emails a month, right when new posts come out.