Don't miss an insight. Subscribe to Techopedia for free.

Subscribe
Advertisements

End-to-End Encryption

Margaret Rouse

Margaret Rouse is an award-winning technical writer and teacher known for her ability to explain complex technical subjects simply to a non-technical, business audience. Over…

Full Bio
View our Editorial Policy
Editor
checkmark
Editor
Last updated:

What Does End-to-End Encryption Mean?

End-to-end encryption (E2EE) is an asymmetrical approach to encrypting and decrypting data at the device level. E2EE was originally developed to protect the content of email messages as they traveled across the internet.

Advertisements

The goal of E2EE is to protect data in transit as it moves from a source to a destination. Messages and files are encrypted before they leave the sender's device and are decrypted when they reach the recipient's device. Servers along the transmission route can see routing information, but not the message's contents.

Techopedia Explains End-to-End Encryption

E2EE converts plain text to ciphertext at the device level. In this data protection scheme, the plain text contents of an email message can only be viewed by the sender and the receiver. Servers along the transmission route can see routing information, but not the message's contents.

Advantages of E2EE

The advantages of end-to-end encryption include the following:

  • E2EE discourages potential eavesdroppers and attackers from intercepting email messages and attached files.
  • Because encryption occurs at the device level, senders have greater flexibility when deciding which data to encrypt.
  • Because encryption keys are stored on endpoint devices, it significantly reduces the chance of key theft.

End-to-End Encryption vs. Confidential Computing

Increasingly, the term end-to-end encryption has been called a misnomer because it only applies to data in transit and potentially data at rest.

The problem is that E2EE was intended to support email privacy — but its use has been extended to software applications that typically need to decrypt data in order to process it. In the cloud, for example, data transfers are encrypted by the sender's device and then sent to a server that belongs to the service provider. The data is then decrypted for processing before being re-encrypted and sent on to its final destination. This leaves unencrypted data in use vulnerable to attack.

To protect data in use and make E2EE truly end-to-end, the Confidential Computing Consortium recommends a hardware-based approach to cybersecurity that allows data to stay encrypted while it is being processed in memory. This approach, which is called confidential computing, provides an additional layer of security for organizations that process sensitive or regulated data in the cloud and supports zero trust.

E2EE vs. Homomorphic Encryption

Confidential computing is considered by some industry pundits to be a hardware-based version of homomorphic encryption. While both approaches support computation on encrypted data, each has limitations. Homomorphic encryption is limited because it only supports specific arithmetic operations and confidential computing is limited because it only works with certain hardware.

Advertisements

Related Terms

Related Reading

Tags

Trending Articles

Blockchain
How ChatGPT is Revolutionizing Smart Contract and Blockchain
Blockchain
An Introduction to Blockchain Technology
Blockchain
How Do Cryptocurrencies Work?
Healthcare IT
AI in Healthcare: Identifying Risks & Saving Money
Advertisements