security

encyclopedia

O (1)

    END-TO-END-ENCRYPTION (E2EE)

    End-to-end encryption (E2EE) is a system for obfuscating data so that all persons who could potentially monitor a private exchange are unable to do so — except for the intended parties. E2EE is implemented to prevent eavesdropping.

    A system is said to be E2EE only when the cryptographic keys required to decrypt the conversation are held by the legitimate parties to the dialogue. Parties to an E2EE system encrypt data using a closely held mutual secret. Examples of the more closely held shared secret include a Pretty Good Privacy (PGP) pre-arranged string of characters and special characters. Another is a one-time secret derived from a PGP or other shared secret, called a Derived Unique Key Per Transaction (DUKPT).

    Strong encryption trough public key cryptography (PKC) is the underlying basis for messaging privacy because only the parties to the conversation hold private keys. For example, service providers that support true E2EE are ones that are unable to read plaintext communiques between users on their platform.

    Example:

    “To the dismay of law enforcement, the messaging apps that the alleged criminals used in the commission of a crime cannot comply with police demands for call logs. It’s not that these platforms are unwilling go comply — they are unable to do so because peer-to-peer conversations on their app use E2EE.”

    hypr_trial_ad
    hypr_trial_ad