End-to-end encryption is the process of encoding information between a sender and a recipient so that only the sender and the recipient can decrypt the message. Let's say Alice and Bob want to talk. Being normal human beings, they would like a little privacy - especially from their friend Charlie! Good luck for them, end-to-end encryption comes to the rescue. Thanks to this cryptographic marvel, Alice and Bob can communicate in total privacy far from Charlie’s prying eyes.
How cool is that? And that’s not even the best part! Which is: however powerful Charlie is, he can not decrypt their messages, not even in a million years. Charlie could even be the king of the world: it doesn’t matter. As a wise man once said, "the universe believes in encryption."
Yeah, that sounds very nice and cool but … how does it work? Let’s have a look.
End-to-end encryption is a well-known method used in networking to guarantee private communications between two parties. It converts a message from plaintext to ciphertext, preventing potential eavesdroppers from decrypting the message. The cool thing is, the two parties don't have to previously agree on the encryption key - meaning that end-to-end encryption (E2EE) allows two strangers to communicate in total privacy. In other words, E2EE is an implementation of asymmetric cryptography.
Cryptography, just to make sure we're on the same page, is the art of private communication. It protects your WhatsApp messages, the hypertext transfer protocol at the cornerstone of the world wide web, even your bank account. Basically, it's everywhere. But actually, it’s nothing new. Today, privacy is often held in low regard, but in the past it was an art. The same way you don’t want anyone to read your messages, so did generals and kings of the good ol' days.
The first and most famous example of encryption is the Caesar cypher. Named after Julius Caesar, this encryption protocol was used by the Divus Iulius to encode messages of military significance. It is very simple - so much so that you probably used it yourself in elementary school to send notes to your friends during class. At least, I did.
The Caesar cypher is a substitution cypher. The two parties agree on a certain encryption key, which is nothing more than a protocol defining how to substitute letters in your message with some other letters of the alphabet. For instance, let’s say you want to send this message: “BARBARIANS WILL ATTACK IN THREE DAYS.” One way of using this method to encrypt this message would be to substitute each letter of the message with the very next letter down the alphabet. You see what I just did? I just spelled out the protocol to decrypt and encrypt the message - in other words, the key. The message would appear like this.
CBSCBSJBOT XJMM BUUBDK JO UISFF EBZT
Sounds cool, right? The problem with this method is that you must first send a non-encrypted message where you share the encryption key in plaintext. Ok, you could meet in person, but that would still expose you and your co-conspirator to the attention of anyone keeping tabs on you. And if your recipient lives very far away, this is straight out impossible.
What you just read is called symmetric encryption. Why symmetric? Because the same key is used to encrypt and decrypt the message. Mind you: symmetric key is not synonymous with bad. In fact, it's still used today - well, not the Caesar cypher, of course.
Asymmetric cryptography, on the other hand, employs two keys - one to encrypt the message and the other to decrypt it. How is that possible? The magic ingredient is one-way functions. (Yeah, we're diving into mathematical waters, I know, but trust me: it's simple. And also cool.)
A one-way function is a function that is easy to run but hard to invert. You didn't understand a thing, right? Let me explain. Imagine a number - say, 2133. What are the smallest prime numbers that multiplied together will give you 2133 as a result? It’s hard, right? The solution is - I looked it up - 3 x 3 x 3 x 79 - or, put it another way, 27 x 79. This is what is called “factorization.”
The cool thing about factorization, or factoring, is that if I just give you 27 and 79, verifying that their product is 2133 is a no-brainer. You just take your calculator, and voila! It’s just the inverse that is hard. (Hard meaning it can’t be solved in polynomial time, but we don't need to go that deep into math. Suffice to say that brute force is your only option.)
So, back to the topic. Asymmetric cryptography, also called public-key cryptography, works through a pair of keys - a private key that you must keep to yourself and a public key that you can distribute in the open. In short, both the sender and the recipient have their own set of private and public keys. Each of them can use the other party’s public key to encrypt a message that can only be decrypted via the other party’s private key.
To a certain extent, you can equate your public key to your address and your private key to your password. Now, the super cool thing is, since private and public keys are generated via one-way functions, it is literally impossible to break the encryption. Well, not exactly - it just takes longer than the age of the universe.
Get it? This, my friend, is end-to-end encryption.
So, you learned what end-to-end encryption is. Want to send private messages? No problem. Just find an instant messaging or email service provider that supports E2EE. Right? Wrong. End-to-end encryption does not equate to privacy. Why? Remember what I told you.
The sender’s and recipient’s public and private keys are, please forgive me, key to ensure that no one can decrypt the message. The issue is, where are they stored? That’s the whole point. If the service provider tells you that, no worries, your messages are end-to-end encrypted and we are holding your keys, that, my friend, is how you get screwed. In fact, you should assume that your nice and kind service provider uses the key you just gave him (i.e. server-side encryption) and can access your messages left and right.
Wait a minute… didn’t I tell you what is server-side encryption?
Related reading: Cloud storage privacy & security: 7 things to consider
Both server-side encryption and client-side encryption are processes of encrypting information between a sender and a recipient. The difference between the two is who generates and holds the private keys. In the case of server-side encryption, the server generates and holds the private keys. In the case of client-side encryption, the client generates and holds the private keys.
As you might assume, the difference is enormous. In case of server-side encryption you are trusting the server with your keys the same way you can give your neighbor the key to your door while you are on vacation. Theoretically, the neighbor could break into your house, but since you trust them, you assume they don’t. Client-side encryption, on the other hand, means that you hold your key and no one else.
Of course, this implies that if you lose your key for any reason, you won’t be able to get back into your house. Why? Because cracking an encryption key is not as easy as lockpicking. As I told you above, brute-forcing a one way function is not really an option.
Does this mean I lied to you when I gave you the definition of end-to-end encryption? Yes and no. That’s the problem with these definitions - they evolve. Truth be told, they are marketing weapons to make you feel safe. Many companies claim to employ end-to-end encryption, while they actually store your private keys. They employ what is now called encryption in transit or transport encryption. Which means: they encrypt your messages while in transit, but they hold your private keys. Translated: your messages are still inaccessible by unauthorized recipients, but who gets to decide who is authorized and who isn’t? You and, depending on the situation, your service provider. If law enforcement knocks on their door, you can bet they’re going to authorize them.
Does that mean you shouldn’t trust WhatsApp with your private stuff? No. Unlike Telegram, WhatsApp uses end-to-end encryption - basically, in-transit encryption + client-side encryption. What is the difference? Simply that WhatsApp can’t show your messages to the police even if they wanted to. In other words, WhatsApp, unlike Telegram, protects your privacy.
Related reading: What is secure file transfer & why it changes the game
As you can see, end-to-end encryption explained in layman's terms is a piece of cake to understand. But odds are you've heard about at-rest encryption. What is it? At-rest encryption is encryption on data that is not in transit. Your hard drive, for example. Let’s say you are a special agent guarding some X-Files kind of secret and hostile forces are looking for you. If they catched you, they’d uncover the conspiracy, and you don’t want that. How do you make sure that, whatever happens, your secret dies with you? Easy. At-rest encryption.
At-rest encryption is exactly what you think it is. Basically, you encrypt your hard drive with some encryption protocol so that no one without the encryption key can pry into your stuff. Easy peasy.
At this point of the article you might wonder: what are the advantages of true E2EE? What are the pros? There you go:
End-to-end encryption explained in a single sentence is a process to encode a message so that only the sender and the receiver can decrypt the message, and no one else. In other words, the concept of end-to-end is akin to zero-knowledge encryption, with the difference that while zero-knowledge applies to cloud storage, E2EE applies to networking.
Now that you know what end-to-end encryption is, do you want to give it a try? Then, you are in the right place.
Cubbit is a peer-to-peer, end-to-end encrypted cloud storage platform. Rather than storing the user's files in a proprietary server farm, Cubbit leverages a network of Cubbit Cells, which are servers in the users' hands. Files you store in Cubbit are not inside your Cell – they’re encrypted with AES-256 and split into chunks, which are then copied in multiple shards via error-correcting codes to ensure redundancy. Then, each shard is distributed over the network, one shard per Cubbit Cell. Should one shard go offline, Cubbit makes new ones automatically - all without ever getting access to your files.
This is made possible by Cubbit’s zero-knowledge cryptographic architecture. Indeed, the platform is built upon the concept of privacy by design. In simple terms, this means that no one without your consent could ever look into your files, not even Cubbit.
If you are curious, order a Cubbit Cell and try Cubbit for 30 days. It’s totally risk-free. What if you discover it’s not for you? No problem! You’ll be able to return your Cell for free and we’ll issue a full refund, no questions asked.
Subscribe not to miss new articles and updates about Cubbit.
Cinquanta aziende provenienti da tutto il territorio italiano e da svariati settori - servizi, ICT e tecnologia, industria, meccanica di precisione, consulenza, cooperative e consorzi, PA, agroalimentare e FMCG - hanno aderito al programma della startup bolognese membro di GaiaX. Prende così vita, a partire dall’Italia, la prima rete B2B di cloud storage distribuito in Europa.
Wouter is a patent attorney, formerly at Nokia. After the WeTransfer security flaw, he switched to Cubbit for a file backup with end to end encryption.
Intervistiamo Daniele Righi, Chief Innovation & Business Development Officer di Linkem - riguardo alla sperimentazione Linkem & Cubbit per un nuovo paradigma di cloud distribuito.
Learn how you can secure your files in the safest place on the internet - plus subscriber-only special news and offers.