End-to-end encryption (E2EE) is a communication method where messages are encrypted on the sender's device and can only be decrypted on the recipient's device. No intermediate server - not even the messaging platform's own servers - can read the content.
How E2EE Works
- Each user has a public key (shareable) and a private key (stored only on their device).
- When Alice sends a message to Bob, it is encrypted with Bob's public key.
- Only Bob's private key can decrypt it. The message travels through servers as encrypted ciphertext.
- Even if the service's servers are hacked or served a legal order, the encrypted messages are unreadable without the private keys.
Apps With True E2EE
| App | E2EE by Default | Protocol |
|---|---|---|
| Signal | Yes (all messages) | Signal Protocol |
| Yes | Signal Protocol | |
| iMessage | Yes (between Apple devices) | Apple's protocol |
| Telegram | Only in "Secret Chats" | MTProto |
| Standard SMS | No | None |
| Regular email | No (unless PGP used) | SMTP (unencrypted by default) |
Does E2EE Protect Metadata?
E2EE protects message content, not metadata. The service can still see who is messaging whom, when, and how frequently. Signal minimizes metadata collection; most other apps do not.
People Also Ask
- Why would someone use end-to-end encryption?
- To ensure private conversations remain private from the service provider, hackers who breach servers, and government requests for data. It is the standard for secure personal and professional communication.
- Is it good to turn on end-to-end encryption?
- Yes. For apps that offer it as an option (Telegram's Secret Chat mode), enabling it is always better for privacy. Signal and WhatsApp are E2EE by default - nothing to enable.
Related: VPN encryption | SSL/TLS