When it comes to computers, convenience and security are often at odds. A simple, easy-to-use system that you can’t lock yourself out of tends to be less secure than something a little less user-friendly. This is often the case with end-to-end encryption (E2EE), a system in which messages, backups, and anything else can only be decrypted by someone with the right key—and not the provider of the service or any other middlemen. While much more secure, it does have some issues with convenience, and it’s been in the news a lot lately.
The UK Parliament is currently considering its long-awaited Online Safety Bill, which would essentially make secure end-to-end encryption illegal. Both WhatsApp and Signal, which use E2EE for their messaging apps, said they would pull out of the UK market rather than compromise user security.
Slack, on the other hand, doesn’t use E2EE to protect its users. This means that Slack can theoretically access most messages sent on its service. (The highest paying corporate customers can use their own encryption setup, but the bosses or IT department can then read any employee messages if they are the ones in control of the key.) Fight for the Future, a digital rights group, has just launched a campaign calling on Slack to change this, as it currently “puts people who are seeking, providing, and facilitating abortions at risk in a post-Roe environment.”
Finally, Google has updated its two-factor Authenticator app so that the secret one-time codes you use to log in can sync between devices. This means that users don’t need to reconfigure every account with 2FA set up when they get a new phone. Unfortunately, as two security researchers pointed out on Twitter, Google Authenticator doesn’t yet use E2EE, so Google—or anyone who compromised your Google account—can see the secret information used to generate 2FA one-time codes. While exploiting this might take work, it fatally undermines what’s meant to be a secure system. In response, Google has said it will add E2EE, but has given no timeline.
For such an important technology, E2EE is a relatively simple idea—though the math required to make it work is complicated and involves factoring a lot of very large numbers. It’s easiest to understand with something like text messages, though the same principles can be used to secure other kinds of digital communications—like two-factor authentication codes, device backups, and photo libraries. (For example, messages sent through iMessage, Signal, and WhatsApp are end-to-end encrypted, but a standard SMS message is not.)
E2EE generally uses a system called public key cryptography. Every user has two keys that are mathematically related: a public key and a private key. The public key can genuinely be public; it’s not a secret piece of information. The private key, on the other hand, has to be protected at all costs—it’s what makes the encryption secure. Because the public key and private key are mathematically related, a text message that is encoded with someone’s public key using a hard-to-reverse algorithm can only be decoded using the matching private key.
So, say Bob wants to send Alice an encrypted text message. The service they’re using stores all the public keys on a central server and each user stores their private keys on their own device. When he sends his message, the app will convert it into a long number, get Alice’s public key from the server (another long number), and run both numbers through the encryption algorithm. That really long number that looks like absolute nonsense to everyone else gets sent to Alice, and her device then decrypts it with her private key so she can read the text.
But this example also highlights where E2EE can cause headaches. What happens if Alice loses her device containing her private key? Well, then she can’t decrypt any messages that anyone sends her. And since her private key isn’t backed up anywhere, she has to set up an entirely new messaging account. That’s annoying if it’s a texting app, but if it’s an important backup or a 2FA system, getting locked out of your account because you lost your private key is a very real risk with no good solution.
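The Bob-to-Alice exchange and the lost-device problem described above, as an added example that is not part of the original article. It uses toy textbook RSA with fixed, publicly known primes so that it runs on the Python standard library alone; the function names, the `directory` dict and the sample message are assumptions, and real apps rely on vetted libraries, padding and much larger keys.

```python
# Toy "textbook RSA" for illustration only. NOT secure: the primes are
# well-known Mersenne primes and there is no padding.
E = 65537  # public exponent, shared by every key pair in this demo


def make_keypair(p, q):
    """Return (public, private): public is (n, E), private is (n, d)."""
    n = p * q
    d = pow(E, -1, (p - 1) * (q - 1))  # private exponent, tied mathematically to E
    return (n, E), (n, d)


def encrypt(public, message: bytes) -> int:
    n, e = public
    m = int.from_bytes(message, "big")  # the message as one long number
    if m >= n:
        raise ValueError("message too long for this toy key")
    return pow(m, e, n)  # easy to compute, hard to reverse without d


def decrypt(private, ciphertext: int) -> bytes:
    n, d = private
    m = pow(ciphertext, d, n)
    return m.to_bytes((m.bit_length() + 7) // 8, "big")


def demo():
    # Alice's device creates the pair; only the public half is uploaded.
    alice_pub, alice_priv = make_keypair(2**127 - 1, 2**89 - 1)
    directory = {"alice": alice_pub}  # everything the service stores about Alice

    # Bob fetches Alice's public key from the server and encrypts.
    ciphertext = encrypt(directory["alice"], b"meet at the library, 6pm")

    # The server relays `ciphertext` but has no private key to read it with.
    read_by_alice = decrypt(alice_priv, ciphertext)

    # Alice loses her phone: a new device means a new, unrelated key pair.
    _, new_priv = make_keypair(2**107 - 1, 2**61 - 1)
    read_after_loss = decrypt(new_priv, ciphertext)  # garbage, not the message
    return ciphertext, read_by_alice, read_after_loss


if __name__ == "__main__":
    c, ok, lost = demo()
    print("on the wire:", hex(c))
    print("Alice reads:", ok)
    print("after losing the key:", lost)
```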
And what happens if Bob sends Alice a message about his plans for world domination? Well, if the UK government has a law in place that they must be copied on all messages about world domination, the service provider is in a bit of a bind. They can’t both offer E2EE and perform any kind of content moderation.
This is part of why E2EE is so often in the news. While it’s theoretically great for users, for the companies offering these services, there is a very real trade-off between providing users with great security and setting things up so that customer support can help people who lock themselves out of their accounts, and so that they can comply with government demands and subpoenas. Don’t expect to see encryption out of the news any time soon.