End-to-end encryption

End-to-end encryption (E2EE) is a method of implementing a secure communication system where only the sender and intended recipient can read the messages. No one else, including the system provider, telecom providers, Internet providers or malicious actors, can access the cryptographic keys needed to read or send messages.

End-to-end encryption prevents data from being read or secretly modified, except by the sender and intended recipients. In many applications, messages are relayed from a sender to some recipients by a service provider. In an E2EE-enabled service, messages are encrypted on the sender's device such that no third party, including the service provider, has the means to decrypt them. The recipients retrieve encrypted messages and decrypt them independently on their own devices. Since third parties cannot decrypt the data being communicated or stored, services with E2EE are better at protecting user data from data breaches and espionage.

Computer security experts, digital freedom organizations, and human rights activists advocate for the use of E2EE due to its security and privacy benefits, including its ability to resist mass surveillance. Popular messaging apps like WhatsApp, iMessage, Facebook Messenger, and Signal use end-to-end encryption for chat messages, with some also supporting E2EE of voice and video calls. As of May 2025, WhatsApp is the most widely used E2EE messaging service, with over 3 billion users. Meanwhile, Signal with an estimated 70 million users, is regarded as the current gold standard in secure messaging by cryptographers, protestors, and journalists.

Since end-to-end encrypted services cannot offer decrypted messages in response to government requests, the proliferation of E2EE has been met with controversy. Around the world, governments, law enforcement agencies, and child protection groups have expressed concerns over its impact on criminal investigations. As of 2025, some governments have successfully passed legislation targeting E2EE, such as Australia's Telecommunications and Other Legislation Amendment Act (2018) and the Online Safety Act (2023) in the UK. Other attempts at restricting E2EE include the EARN IT Act in the US and the Child Sexual Abuse Regulation in the EU.[1] Nevertheless, some government bodies such as the UK's Information Commissioner's Office and the US's Cybersecurity and Infrastructure Security Agency (CISA) have argued for the use of E2EE, with Jeff Greene of the CISA advising that "encryption is your friend" following the discovery of the Salt Typhoon espionage campaign in 2024.

This article is issued from Wikipedia. The text is available under Creative Commons Attribution-Share Alike 4.0 unless otherwise noted. Additional terms may apply for the media files.