E2EE - End-End Encryption

So, whenever you start a chat with someone on WhatsApp let’s say, you might have seen this little yellow-colored prompt stating ‘Messages and calls to this chat is safe and secure because it is end to end encrypted’. But do you know what exactly does that mean? And why do we need it?

The wireless medium which we are using for almost all our communication is a shared medium, so if not encrypted, someone else in the same medium can easily eavesdrop and sniff on your data. That’s why we go for encryption. So, what is encryption? It’s basically like when you were young, in your school days, if you want to say something to your best friend and don’t want any other person to understand, you might have used this secret code language that only you and your friend knows, though others can hear what you’re saying, they cannot understand it, since they don’t have the key to decode what you’re saying, that’s exactly what this encryption is all about. And end to end encryption means this encryption process is done at the endpoints of the communication.

Yea, okay, first let’s see how actually these communication services work. So, for example, when you first install WhatsApp, it connects you to its server. Then it asks you to identify yourself so that it can correctly transfer the messages to and from you. This is our sign-up process, basically, it identifies us with our phone number or username. Now that we have connected to the server and have our own identity, let’s start chatting, shall we? Then, when you send a message to your friend, it travels through the connection between you and the server, after which, the server identifies who’s the recipient is, then transfers the message to your friend. Video calls and audio calls also operate the same way, but the servers used for those, are more powerful and capable of handling streaming audio and video.

As you’ve seen, numerous connections are made when you send a message, and anyone can bypass these connections and gain access to your data, or they may breach the servers and find out what you’re talking to that friend of yours. Now, we don’t want that, do we? With end-end encryption, the messages are encrypted and decrypted at the ends of the conversations, so that no one in the middle can read your messages.

For example, let’s say Sridhar wants to send his friend Krishnan a message. Both Sridhar and Krishnan will have two keys, a public key, and a private key. The public key will be shared with everyone, but no one will know your private key. Now, coming to our example, when Sridhar wants to say ‘Hello’ to Krishnan, the message will be encrypted using Krishnan’s public key, which may convert ‘Hello Krishnan’ into, let’s say ‘Invade Korea’, now Sridhar don’t want to invade Korea right, he just wanted to say hello. So, using the private key, Krishnan will be able to decipher the message properly and avoid sending any missile to Korea. Since, only Krishnan knows his private key, no one else will be able to understand what actually these two guys are up to.

So, air-tight secure right, well not quite, though end-end encryption hides the content of the message, it doesn’t do any good regarding the metadata, which means, the server will be still aware of the fact that you sent a message, to whom you send it, when you send it, how often you are talking to this person and such. Some people even claim that with these secure communications, it enables criminal activities and it is hard to track those unfortunate things.

That’s it guys, hope I didn’t bore you with this. Anyways, regardless, Thank you for reading......Digitally Yours ✌️