EPFL Logo
fr|en
Login
Concept

End-to-end encryption

End-to-end encryption - Wikipedia
End-to-end encryption - Wikipedia

End-to-end encryption (E2EE) is a private communication system in which only communicating users can participate. As such, no one, including the communication system provider, telecom providers, Internet providers or malicious actors, can access the cryptographic keys needed to converse. End-to-end encryption is intended to prevent data being read or secretly modified, other than by the true sender and recipient(s). The messages are encrypted by the sender but the third party does not have a means to decrypt them, and stores them encrypted. The recipients retrieve the encrypted data and decrypt it themselves. Because no third parties can decipher the data being communicated or stored, for example, companies that provide end-to-end encryption are unable to hand over texts of their customers' messages to the authorities. In 2022, the UK's Information Commissioner's Office, the government body responsible for enforcing online data standards, stated that opposition to E2EE was misinformed and the debate too unbalanced, with too little focus on benefits, since E2EE "helped keep children safe online" and law enforcement access to stored data on servers was "not the only way" to find abusers. In many messaging systems, including email and many chat networks, messages pass through intermediaries and are stored by a third party, from which they are retrieved by the recipient. Even if the messages are encrypted, they are only encrypted 'in transit', and are thus accessible by the service provider, regardless of whether server-side disk encryption is used. Server-side disk encryption simply prevents unauthorized users from viewing this information. It does not prevent the company itself from viewing the information, as they have the key and can simply decrypt this data. This allows the third party to provide search and other features, or to scan for illegal and unacceptable content, but also means they can be read and misused by anyone who has access to the stored messages on the third-party system, whether this is by design or via a backdoor.

Official source
About this result
This page is automatically generated and may contain information that is not correct, complete, up-to-date, or relevant to your search query. The same applies to every other page on this website. Please make sure to verify the information with EPFL's official sources.
Related courses (9)
COM-401: Cryptography and security
This course introduces the basics of cryptography. We review several types of cryptographic primitives, when it is safe to use them and how to select the appropriate security parameters. We detail how
COM-506: Student seminar: security protocols and applications
This seminar introduces the participants to the current trends, problems, and methods in the area of communication security.
CS-234: Technologies for democratic society
This course will offer students a broad but hands-on introduction to technologies of human self-organization.
Show more
Related lectures (32)
Anonymous Communications: Mix Networks
Explores mix networks for anonymous communication, addressing security issues, broken designs, mixing strategies, and challenges in distribution.
Zoom Encryption: E2E & Identity Properties
Explores the implementation of E2E Encryption in Zoom meetings, focusing on key management, identity verification, and real-time security measures.
Privacy Technologies: End-to-End Encryption and Metadata Protection
Explores end-to-end encryption, metadata sensitivity, and the role of traffic analysis in intelligence gathering.
Show more
Related publications (38)
Show more

Copyright © 2025 EPFL, all rights reserved

Graph Chatbot

Chat with Graph Search

Ask any question about EPFL courses, lectures, exercises, research, news, etc. or try the example questions below.

DISCLAIMER: The Graph Chatbot is not programmed to provide explicit or categorical answers to your questions. Rather, it transforms your questions into API requests that are distributed across the various IT services officially administered by EPFL. Its purpose is solely to collect and recommend relevant references to content that you can explore to help you answer your questions.