ProtonBlog(new window)

What is end-to-end encryption and how does it work?

Share this page

The most private and secure way to communicate online is by using end-to-end encryption. If you send an end-to-end encrypted email(new window), it’s encrypted on your device (your iPhone, Android, or laptop) and isn’t decrypted until it reaches the device of the person you sent the message to.

End-to-end encryption (E2EE) has historically been very complicated, which limited who could effectively use it. An early iteration of E2EE for email, known as Pretty Good Privacy (PGP)(new window), required you to handle the encryption keys yourself, making it notoriously difficult even for tech-savvy users.

However, recent technological advances in device capabilities and secure protocols have enabled services (such as Proton Mail) to make end-to-end encryption much easier to use. In fact, Proton Mail handles all end-to-end encryption automatically – you don’t need to do anything.

This article explains what end-to-end encryption is, how it works, and its advantages over other types of encryption.

Get Proton Mail button

What is end-to-end encryption (E2EE)?

Encryption is the process of scrambling data that people can read (for example, a plaintext email) into unreadable ciphertext(new window) that only authorized parties can decrypt using the right cryptographic key.

End-to-end encryption is the term used for a type of encryption where your data is encrypted at every stage of its journey from one device to another. The ends in “end-to-end” refer to the beginning and final destination of your data’s journey. For example, if you’re sending an email, the beginning point is your device and the destination is your recipient’s device.

This makes end-to-end encryption a secure communication method that prevents all third parties from accessing the content of your messages, including while they are transferred from one device to another or “at rest” on a server. When you use E2EE to send an email to someone, no one else can see the content of your message — not your network administrator, not your internet service provider (ISP), not hackers, not the government, and not even the company that handles the delivery of your email (for example, Proton Mail). They can’t read your email because your recipient holds the only key that can decrypt it.

How does end-to-end encryption work?

To understand how end-to-end encryption works for email, it helps to look at a diagram. In the example below, Bob wants to say hello to Alice privately. Alice has a public key and a private key, which are two mathematically related cryptographic keys. Alice can share her public key with anyone, but she must keep her private key secure and not let anyone else access it. 

First, Bob uses Alice’s public key to encrypt his message, turning “Hello Alice” into ciphertext — scrambled, seemingly random characters.

Bob sends this encrypted message over the public internet. Along the way, it may pass through multiple servers, including those belonging to their email service and internet service providers. Although those companies may try to read the message (or even share it with third parties)(new window), it is computationally unfeasible for them to convert the ciphertext back into readable plaintext. Only Alice can decrypt the message with her private key when it lands in her inbox, as Alice is the only person with access to her private key.

If Alice wants to reply with her own end-to-end encrypted message, she would repeat the process, encrypting her message to Bob using Bob’s public key.

What is the difference between E2EE and other security paradigms?

End-to-end encryption is unique compared to other security paradigms because only the sender and receiver (the “ends” of the communication) can decrypt and read the data that has been encrypted. This differs from other security paradigms, such as point-to-point or in-transit encryption like the Transport Layer Security(new window) (TLS) protocol.

TLS is the security mechanism used in the HTTPS communication protocol(new window) that prevents hackers and your ISP(new window) from seeing what information you submit to websites (like your credit card number or address) and is responsible for encrypting most of the internet, including your connection to our blog right now. However, TLS is only implemented between endpoints of an HTTP channel. For example, as you’re reading our blog, HTTPS is using TLS to encrypt your connection between your device and our server. 

This works fine if you are connecting to a website, but it’s insufficient if you’re sending an email. When you use a standard email provider, such as Gmail(new window) or Hotmail, all traffic toward it, including emails sent to you, will be protected in transit by TLS. The same is true in reverse; Emails you send from a standard email provider are also encrypted using TLS and sent to your recipient’s email provider . However, all TLS-protected traffic is decrypted once it arrives at these companies’ servers, including your emails. Most companies will then re-encrypt your messages while they are stored on their servers – using keys they control. This means that the company can decrypt and access the content of your messages at any time.

Services that use end-to-end encryption eliminate this possibility because the service provider does not actually possess the private key required for decryption. With Proton Mail or any other E2EE service, your private key is only available on your device, making E2EE much more secure and private.

Advantages of end-to-end encryption services

End-to-end encryption offers multiple advantages over other security paradigms. Protecting your data with E2EE makes you less vulnerable to leaks or attacks, prevents your government or ISP from snooping on you, and even helps defend democracy.

E2EE keeps your data safe from hacks

When you use end-to-end encryption, fewer parties can access your unencrypted data. Even if hackers compromised the servers where your encrypted data is stored (as was the case with the Yahoo Mail hack(new window)), they would not be able to decrypt your data because they would not possess your private key.

E2EE ensures data is not tampered with

When set up correctly, end-to-end encryption guarantees data integrity across the whole path of a message. This is particularly important when sharing information that might not be sensitive but must be delivered correctly in its original form.

E2EE keeps your data private

End-to-end encryption prevents anyone from accessing your data, including the email service you are using. In contrast, if you use an email service that does not use end-to-end encryption, such as Gmail, it can access every intimate detail stored in your emails at any time, for any reason, without you ever knowing. In fact, Gmail regularly gives third-party developers access to your emails(new window).  Using an end-to-end encrypted email service gives you control over who can read your emails.

E2EE is good for democracy

Everyone has a right to privacy. End-to-end encryption protects free speech by preventing governments from accessing their citizens’ data and using the information stored in their emails to persecute or intimidate them. This is particularly important for dissidents, activists, and journalists who live under oppressive regimes.

How to use end-to-end encryption

Although you can set up end-to-end encryption yourself for some methods of communication, the easiest and fastest way to protect your privacy with E2EE is to use a service that implements it automatically for you.

As the first and largest end-to-end encrypted email provider, we protect millions of people every day. End-to-end encryption is the technological backbone of our vision for a more private and secure internet. When you use Proton Mail, your messages are automatically end-to-end encrypted whenever a public key is available for the recipient, including when you send an email to someone who uses Proton Mail or PGP.

You can use end-to-end encryption for free by signing up for a free Proton Mail account. With Easy Switch, you can also quickly transfer your emails and calendars to Proton from other, less private providers.

End-to-end encryption FAQs

What is ciphertext?

Ciphertext(new window) is unreadable encrypted data. An encryption algorithm scrambles plaintext (or human-readable data) into ciphertext, which can only be deciphered by a person or device that holds the unique decryption key. Without the decryption key, anyone who intercepted an encrypted message would only see ciphertext — an unreadable string of letters, numbers, and symbols.

What is encrypted with end-to-end encryption?

When you send an end-to-end encrypted message with Proton Mail, the message body and attachments are fully end-to-end encrypted whenever a public key is available for the recipient.
If you email a contact who isn’t using Proton Mail or PGP, the message will only be end-to-end encrypted if you use our Password-protected Emails feature. Otherwise, your message will be encrypted in transit (in most cases) with TLS and will be readable by your recipient’s email provider.
Proton Mail encryption explained

What are encryption keys?

An encryption key is a random string of bits used by an encryption algorithm to scramble plaintext into ciphertext. Some types of encryption use the same encryption key to encrypt and decrypt data (this is symmetric encryption), while others will have an encryption and a decryption key (this is asymmetric encryption). However, the most common encryption methodology is a combination of both, called hybrid encryption. Proton Mail’s end-to-end encryption protocol uses hybrid encryption.

What is PGP?

The most popular email encryption system in the world is PGP, which stands for Pretty Good Privacy. PGP is the encryption technique that transforms your messages into unintelligible ciphertext on your device before they are transmitted over the internet. Additionally, it verifies that the message was not altered while in transit and, if keys are obtained from a trustworthy source, it authenticates the sender’s identity.
Proton Mail’s end-to-end encryption is based on an open-source version of PGP.
Learn more about PGP(new window)

Protect your privacy with Proton
Create a free account

Share this page

Marco Martinoli(new window)

Marco is a member of Proton's Cryptographic team. He has a PhD in cryptography from the University of Bristol and a master's degree in mathematics and is equally comfortable with the theory and practical application of cryptography.

Related articles

What was your first pet’s name? In what city were you born?  We’ve all had to answer these questions to reset a long-forgotten password, but consider how that works. Much of this information is easy to find for others (or easily forgotten by you), m
In the early days when Proton started, we often received a question along the lines of “I love the product and what Proton stands for, but how do I know you will still be around to protect my data 10 years from now?”  Ten years and 100 million accou
Credential stuffing is a popular type of cyberattack where attackers take login credentials and use them on thousands of websites, hoping to fraudulently gain access to people’s accounts. It’s an effective attack, but fortunately, one that’s easy to
With Skiff abruptly shutting down operations, many people are on the lookout for alternatives that don’t compromise on privacy — and won’t suddenly disappear. People were attracted to Skiff because it promised privacy, no ads, end-to-end encryption,
Skiff is dead. On Feb. 9, the email company Skiff announced it was being bought by Notion. Many Skiff customers have been shocked by this news, as their inboxes have been sold out from under them. Skiff gave people six months to export their data be
Looking into the Dropbox privacy policy
Dropbox was the first mainstream cloud storage provider, and still the biggest player on the market, with 700 million users in 2022. We took a dive into Dropbox’s privacy policy to see how well the company protects the personal data of those millions