All right. Here’s a simple explanation of how end-to-end encryption works. Recently there’s been a healthy amount of chatter in the news regarding WhatsApp, and I’ve noticed more and more of my contacts using (installing at least) Signal on their phones. This will give you an idea of how our text message convos go when unencrypted and encrypted, and you’ll, hopefully, come away understanding why it’s important. I’ll probably do a more extensive write-up later if the public wants it.
Anyways. Imagine we’re all in a classroom. You want to send Bobby a message so you write it on a piece of paper, fold it into an airplane then throw it to them. They receive the plane, open it, read the message, write a response on a different piece of paper, then throw it to you.
Before it gets to you, since the writing is on the side of the plane in plain English, classmates Becky and John are able to see parts of the message as the plane flies by: today…FunTime Pizza…4:30pm. They may not know full details of what that means, but they know something is happening today at FunTime Pizza at 4:30pm.
Note: Dwayne and Sacha or anyone else noticing the plane flying by could have done more than just glanced at the contents—they could’ve grabbed it out the air, read the message in its entirety (even changing some stuff), before sending it along its merry way as if nothing happened.
So, to prevent the rest of your classmates from reading said missives, this is where end-to-end encryption comes in—think Signal phone app and what WhatsApp is supposed to have implemented.
This type of encryption uses what are called a PUBLIC key and a PRIVATE key.
A computer program generates this pair of keys. The pair is unique and mathematically linked. Think of a PUBLIC key as the blueprint or schematics for a locked box. This locked box can ONLY be opened with the PRIVATE key linked to the PUBLIC key. So …
Bobby supplies their PUBLIC key (here’s an example of one):
AAAAB3NzaC1yc2EAAAADAQABAAABAQCwCnDZ8pjQNTnJ6kureXUxmtp0iXzUCmiB1yv8APFsDclWaTawQmhRda/QSTHNMgIHWrbOqMl+o8eYrVDumsk1ziHHtt0g/GLjqinOuhPKrKoQ81geB2h/kJHOf+d4ljavJ8mbNNKrzxMVAW71w+NVlpEqbZG1xrq4cTAGRfH3MLVHefHeN7sKDTf6wsiebehlAwRQ1YpyvUXb0YeIZpDeXRImM4nK91YrffhclcpwdOzYBZQUfW2yEGOHik2YKVZyxZtmZ0IbkP+sUJMJG0b3g9ZY9vPtKYiUbal0RqKtHw+mssQNm1Xaax1wfJ0iY3FswjCpGgX4zhhfywVix2Mn
You write your message and encrypt it using Bobby’s PUBLIC key above. Essentially you create a lockbox around your message that can ONLY be opened using Bobby’s PRIVATE key (which MUST ALWAYS be kept a secret for this reason).
Hope you’re still with me.
So after encrypting your message you send it along to Bobby. John, Sacha, and Ralph each get their hands on the paper airplane, but without Bobby’s PRIVATE key, the trio cannot decrypt the message—it’s just gibberish to them so they just send it along.
Bobby gets the message, opens it with their PRIVATE key, encrypts their response using your PUBLIC key and replies. Same as above, y’all messages are private. Yay!
I hope that made sense … lol.
There are several other details (that are kinda important) but they aren’t essential to understanding the basics of how this type of encryption works, and why it’s important.
Signal works for Android and iOS devices. WhatsApp does as well, but there’s been recent backlash with their implementation of Signal’s protocols—resulting in some leaks and whatnot.
Look out for future posts. And if you have any comments or questions, please hit me below.
Cheers.