End-to-end encryption

You wouldn’t want anyone tearing open your letters before they reach your mailbox. The same goes for emails. End-to-end encryption was created so your emails can safely arrive in your inbox without anyone looking at your messages before you do. Wondering “what does encrypting an email do?” Want to know exactly how end-to-end encryption works? We’ve got you covered. Our end-to-end encryption guide will define encrypted messages, discuss how email encryption works, and its essential security benefits.

What does end-to-end encryption mean?

End-to-end encryption (E2EE) is a system of secure communication where only the users of the given communication can read the messages. NoNo third party is able to access the data while it's being transferred from one device to another through end-to-end encryption. In E2EE, the data is encrypted on the sender's system or device. Only the intended recipient with the valid decryption key can decrypt it. In other words, E2EE prevents unintended users, including third parties (such as the server carrying the data), from reading or modifying data meant only to be seen by the intended recipients.

Secure email encryption service

Most email providers use secured channels to send your message, but typically don’t use end-to-end encryption to encrypt your message. Unfortunately, this means that if the message data from your email is stolen during the sending process, the attacker will be able to read the message itself. If you need to know how to encrypt emails without end-to-end encryption – no problem. You can secure your messages with the following options, including: PGP encryption, email encryption certificate (S/MIME), DKIM, and more.

Some email providers, such as Protonmail, provide PGP encryption to encrypt your messages instead of end to end encryption. PGP stands for Pretty Good Privacy and was originally developed in 1991. For vast amounts of email communication, PGP is a good compromise. PGP encryption keeps your message content safe and it's easy to use on a wide range of mail servers and email applications. PGP is a technology that allows you to encrypt the message body and attachments similarly to E2EE, but the header is not encrypted. With PGP, the message will reach its destination correctly and the recipient will be able to view basic details about the message in their inbox.

You can also set up an email encryption certificate (or S/MIME certificate) to ensure that your messages are only read by the intended sender. This verifies the identity of the recipient with an official email digital signature.

DKIM was specifically created to prevent email spoofing – when a hacker uses your email address to send spam emails, which are then bounced back. Popular webmail providers like Gmail and Microsoft 365 offer DKIM to protect your email account.

End to end encryption messenger

Now that you know how to use end-to-end encryption for your emails, you’re probably asking “how can I encrypt my message?” Many chat and message apps now provide end-to-end encryption to make your communication more secure. Here are a couple of examples:

  • Google's Messages where you can enable the encryption per Conversation with a specific contact. The limitation is, however, that both you and the other participant of the chat need to use the Messages app to make use of the Google messages end to end encryption.
  • Whatsapp uses end to end encryption for all your messages by default and includes it as an option for your message backup.

A good question to consider when you’re choosing a secure messaging service is: what type of encryption algorithms does your app implement? Google Messages uses the Advanced Encryption Standard Algorithm (AES-256). WhatsApp uses the Curve25519 algorithm for end-to-end encryption. Both are regarded as reliable and secure.

What is salt in end-to-end encryption?

Salt adds even more protection to end-to-end encryption, meaning an extra element is added to the password used for encrypted messages. The salt essentially would further prevent hackers from being able to decipher the true password. Without salt, it’s easier for unauthorized users attempting to view an encrypted message to be able to figure out the password.

Salt is used as a part of the hashing process; which involves adding random numbers and letters to a password. Salt and hashing is recommended for anyone dealing with messages that require extra security. Users dealing with sensitive financial information or documents might opt for salt in end-to-end encryption to prevent important data from being stolen.

Symmetric encryption algorithms

What makes end-to-end encryption unique compared to other encryption systems is that only the endpoints (the sender and the recipient), are capable of decrypting and reading the message. Symmetric key encryption, which is also known as single-key or secret-key encryption, also provides an unbroken layer of encryption from sender to recipient. This method uses only one key to encrypt messages.

How to turn off end-to-end encryption

Although we personally recommend keeping end-to-end encryption turned on in order to keep your messages secure, some users might want to know how to turn off end-to-end encryption. Maybe you accidentally turned on end-to-end encryption and don’t have a need for it. Or perhaps the apps you use to communicate with friends and family are incompatible with your device. Regardless of the reason; it is possible to learn how to turn off encrypted messages for any device. We’ll walk you through turning off encryption for Android devices as an example:

  1. Access settings and select security.
  2. In the security section, you’ll have the option to decrypt your device.

You can always go back to security and enable end-to-end encryption again; even if you have decided to turn off end-to-end encryption on Samsung devices. The process will be similar for any device and application. Even messaging services like Whatsapp provide the option to disable end-to-end encryption; giving you full control over which security measures you’d like to implement.

Encryption in eM Client

eM Client has excellent security options to guarantee that your messages are safe. eM Client users can use S/MIME and PGP encryption for messages; which you can read about in our Email Encryption and Digital Signature guide. Our guide will help you get started so you can send encrypted emails immediately. You also have the option of creating your own PGP key and that can be used in eM Client. You can look up other users' public keys in the native eM Keybook service, Protonmail, and keys.openpgp.org to conveniently arrange secure communication with your contacts.

Download eM Client below to start a free 30-day Pro trial and see the benefits of secure communication for yourself! you!