End-to-End Encryption (E2EE)
What is End-to-End Encryption (E2EE)?
End-to-End Encryption (E2EE)An encryption model in which only the communicating endpoints hold the keys, so intermediate servers and network operators cannot read the plaintext.
End-to-End Encryption (E2EE) means that data is encrypted on the sender's device and decrypted only on the recipient's device, with no intermediary — including the service provider — possessing the keys. Modern E2EE typically combines an asymmetric key-agreement step (X3DH, ECDH on Curve25519) with an authenticated symmetric ratchet (AES-GCM or ChaCha20-Poly1305) and forward secrecy, as standardized for messaging in the Signal Protocol and IETF MLS (RFC 9420). Signal, WhatsApp, iMessage, Threema, Wire, Matrix/Element, ProtonMail and Apple's Advanced Data Protection for iCloud all rely on E2EE. The model resists server compromise and lawful-but-targeted access requests but introduces hard problems around device verification, key transparency, group membership, and backup recovery.
● Examples
- 01
Signal protecting one-to-one and group chats with the Double Ratchet algorithm.
- 02
Apple's Advanced Data Protection extending E2EE to iCloud Backup, Photos, and Notes.
● Frequently asked questions
What is End-to-End Encryption (E2EE)?
An encryption model in which only the communicating endpoints hold the keys, so intermediate servers and network operators cannot read the plaintext. It belongs to the Identity & Access category of cybersecurity.
What does End-to-End Encryption (E2EE) mean?
An encryption model in which only the communicating endpoints hold the keys, so intermediate servers and network operators cannot read the plaintext.
How do you defend against End-to-End Encryption (E2EE)?
Defences for End-to-End Encryption (E2EE) typically combine technical controls and operational practices, as detailed in the full definition above.
What are other names for End-to-End Encryption (E2EE)?
Common alternative names include: E2EE, End-to-end crypto.