Open main menu
Home
Random
Recent changes
Special pages
Community portal
Preferences
About Wikipedia
Disclaimers
Incubator escapee wiki
Search
User menu
Talk
Dark mode
Contributions
Create account
Log in
Editing
End-to-end encryption
(section)
Warning:
You are not logged in. Your IP address will be publicly visible if you make any edits. If you
log in
or
create an account
, your edits will be attributed to your username, along with other benefits.
Anti-spam check. Do
not
fill this in!
== Modern usage == {{Update section|date=November 2024|reason=begins with "As of 2016" and makes little-to-no mention of Signal, WhatsApp, and more}} As of 2016,<ref>{{Cite web|title=A history of end-to-end encryption and the death of PGP|url=https://www.cryptologie.net/article/487/a-history-of-end-to-end-encryption-and-the-death-of-pgp/|access-date=2020-10-30|website=www.cryptologie.net}}</ref> typical [[Server (computing)|server]]-based communications systems do not include end-to-end encryption.<ref>{{Cite book|last=Nabeel|first=Mohamed|title=2017 IEEE International Conference on Edge Computing (EDGE) |chapter=The Many Faces of End-to-End Encryption and Their Security Analysis |date=2017-06-23|chapter-url=http://dx.doi.org/10.1109/ieee.edge.2017.47|publisher=IEEE|pages=252–259|doi=10.1109/ieee.edge.2017.47|isbn=978-1-5386-2017-5|s2cid=3419988}}</ref> These systems can only guarantee the protection of communications between [[Client (computing)|client]]s and [[Server (computing)|server]]s,<ref>{{Cite web|date=2016-02-19|title=What is End-to-end encryption (E2EE) ?|url=https://www.gbnews.ch/what-is-end-to-end-encryption-e2ee/|access-date=2020-11-05|website=Geneva Business News {{!}} Actualités: Emploi, RH, économie, entreprises, Genève, Suisse.|language=fr-FR}}</ref> meaning that users have to trust the third parties who are running the servers with the sensitive content. End-to-end encryption is regarded as safer<ref>{{Cite book|last1=Bai|first1=Wei|last2=Pearson|first2=Michael|last3=Kelley|first3=Patrick Gage|last4=Mazurek|first4=Michelle L.|title=2020 IEEE European Symposium on Security and Privacy Workshops (EuroS&PW) |chapter=Improving Non-Experts' Understanding of End-to-End Encryption: An Exploratory Study |date=September 2020|chapter-url=https://ieeexplore.ieee.org/document/9229664|location=Genoa, Italy|publisher=IEEE|pages=210–219|doi=10.1109/EuroSPW51379.2020.00036|isbn=978-1-7281-8597-2|s2cid=220524858}}</ref> because it reduces the number of parties who might be able to interfere or break the encryption.<ref name="ssdeef">{{cite web|title=End-to-End Encryption|url=https://ssd.eff.org/en/glossary/end-end-encryption|website=EFF Surveillance Self-Defense Guide|publisher=Electronic Frontier Foundation|access-date=2 February 2016|url-status=live|archive-url=https://web.archive.org/web/20160305112131/https://ssd.eff.org/en/glossary/end-end-encryption|archive-date=5 March 2016}}</ref> In the case of instant messaging, users may use a third-party client or plugin to implement an end-to-end encryption scheme over an otherwise non-E2EE protocol.<ref>{{cite web|title=How to: Use OTR for Windows|url=https://ssd.eff.org/en/module/how-use-otr-windows|website=EEF Surveillance Self-Defence Guide|publisher=Electronic Frontier Foundation|access-date=2 February 2016|url-status=dead|archive-url=https://web.archive.org/web/20160120015142/https://ssd.eff.org/en/module/how-use-otr-windows|archive-date=20 January 2016}}</ref> Some non-E2EE systems, such as [[Lavabit]] and [[Hushmail]], have described themselves as offering "end-to-end" encryption when they did not.<ref>{{cite news|last1=Grauer|first1=Yael|title=Mr. Robot Uses ProtonMail, But It Still Isn't Fully Secure|url=https://www.wired.com/2015/10/mr-robot-uses-protonmail-still-isnt-fully-secure/|magazine=WIRED|language=en-US|url-status=live|archive-url=https://web.archive.org/web/20170309013643/https://www.wired.com/2015/10/mr-robot-uses-protonmail-still-isnt-fully-secure/ |archive-date=2017-03-09}}</ref> Other systems, such as [[Telegram (software)|Telegram]] and [[Google Allo]], have been criticized for not enabling end-to-end encryption by default. Telegram did not enable end-to-end encryption by default on VoIP calls while users were using desktop software version, but that problem was fixed quickly.<ref name="cpj-2016-05-31">{{cite web|title=Why Telegram's security flaws may put Iran's journalists at risk|url=https://cpj.org/blog/2016/05/why-telegrams-security-flaws-may-put-irans-journal.php|publisher=Committee to Protect Journalists|access-date=23 September 2016|date=31 May 2016|url-status=live|archive-url=https://web.archive.org/web/20160819013449/https://cpj.org/blog/2016/05/why-telegrams-security-flaws-may-put-irans-journal.php|archive-date=19 August 2016}}</ref><ref>{{Cite web|last=Hackett|first=Robert|url=http://fortune.com/2016/05/21/google-allo-privacy-2/|title=Here's Why Privacy Savants Are Blasting Google Allo|date=21 May 2016|website=Fortune|publisher=Time Inc.|access-date=23 September 2016|url-status=live|archive-url=https://web.archive.org/web/20160910182246/http://fortune.com/2016/05/21/google-allo-privacy-2/|archive-date=10 September 2016}}</ref> However, as of 2020, Telegram still features no end-to-end encryption by default, no end-to-end encryption for group chats, and no end-to-end encryption for its desktop clients. In 2022, [[Facebook Messenger]] came under scrutiny because the messages between a mother and daughter in [[Nebraska]] were used to seek criminal charges in an [[Abortion in the United States|abortion]]-related case against both of them. The daughter told the police that she had a miscarriage and tried to search for the date of her miscarriage in her Messenger app. Police suspected there could be more information within the messages and obtained and served a warrant against Facebook to gain access. The messages allegedly mentioned the mother obtaining [[Medical abortion|abortion pills]] for her daughter and then burning the evidence. Facebook expanded default end-to-end encryption in the Messenger app just days later.<ref>{{Cite web |last=Duffy |first=Sara O'Brien, Clare |date=2022-08-10 |title=Nebraska teen and mother facing charges in abortion-related case that involved obtaining their Facebook messages {{!}} CNN Business |url=https://www.cnn.com/2022/08/10/tech/teen-charged-abortion-facebook-messages/index.html |access-date=2024-07-26 |website=CNN |language=en}}</ref><ref>{{Cite web |last=Duffy |first=Clare |date=2022-08-11 |title=Meta testing expanded encryption features amid renewed scrutiny of messaging data {{!}} CNN Business |url=https://www.cnn.com/2022/08/11/tech/meta-messenger-encryption-tests/index.html |access-date=2024-07-26 |website=CNN |language=en}}</ref> Writing for ''Wired'', Albert Fox Cahn criticized Messenger's approach to end-to-end encryption, which was not enabled by default, required opt-in for each conversation, and split the message thread into two chats which were easy for the user to confuse.<ref>{{Cite magazine |last=Cahn |first=Albert Fox |title=Facebook's Message Encryption Was Built to Fail |url=https://www.wired.com/story/facebook-message-encryption-abortion/ |access-date=2024-07-27 |magazine=Wired |language=en-US |issn=1059-1028}}</ref> Some encrypted [[backup]] and [[file sharing]] services provide [[client-side encryption]]. This type of encryption is not referred to as end-to-end encryption because only one end has the ability to decrypt the data. However, the term "end-to-end encryption" is sometimes incorrectly used to describe client-side encryption.<ref>{{Cite web|title=Improving Non-Experts' Understanding of End-to-End Encryption: An Exploratory Study|url=https://www.researchgate.net/publication/342621891|access-date=2020-11-05|website=ResearchGate|language=en}}</ref>
Edit summary
(Briefly describe your changes)
By publishing changes, you agree to the
Terms of Use
, and you irrevocably agree to release your contribution under the
CC BY-SA 4.0 License
and the
GFDL
. You agree that a hyperlink or URL is sufficient attribution under the Creative Commons license.
Cancel
Editing help
(opens in new window)