End-to-end encryption
keeps your files secure
Stay safe with the world’s best data security method. End-to-end encryption is your way of making sure that no unauthorized party will be able to open your files.
Choose a PlanWhat does end-to-end encryption mean?
End-to-end encryption is a method of connecting two or more parties so no outsiders can spy on them. As you can imagine, this technology is priceless for government spies. But now end-to-end encryption finds more and more uses in everyday situations, like messaging a friend or sharing sensitive data.
The more people and devices go online, the more we need secure and private means of communication, like end-to-end encryption, or E2EE.
How does end-to-end encryption work?
End-to-end encryption secures a message between two devices, or endpoints. How is it possible to protect something so that only two people, and no one else besides them, have the password to access it? The answer lies in the key exchange.
Key exchange is an essential part of communication that allows it to stay private. The cryptographic keys are stored on the endpoints and enable both users to encrypt and decrypt the messages. Thanks to asymmetric encryption algorithms, the two parties never expose the whole encryption key during the exchange. The public part of the key is enough.
The sender encrypts a message using their secret key with the recipient’s public key and sends it to the recipient. When your message is “in transit, meaning it travels from point A to point B via Wi-Fi, fiber connection, or mobile network, it is secure as well because the file remains encrypted. This is to say, no matter if you are at the airport, cafe, or any other public place where there is a greater risk of someone trying to steal your data, your data is safe and sound.
Why is end-to-end encryption important
There are several reasons why we need end-to-end encryption. Some touch upon the individual’s right to privacy, while others are important on a much larger scale.
People don’t usually have a lot to hide, but they do have something to protect. It’s a matter of privacy. If big tech companies got their way, people’s emails, photos, and personal details would all be categorized in databases for profit. Even if you trust the companies and their algorithms, you must understand that mistakes happen. Algorithms are biased because they’re built by people. They can flag data that they have no good reason to flag. As a result, people’s files get deleted, or worse, implicated in crimes they have never committed.
On a larger scale, there’s a narrative that tech companies already own everything, so privacy is a lost cause. That corporations don’t care about your files and chats, so it’s not a problem if they have them. That’s not true. Think about dystopian movies like Blade Runner. We’re not there yet. But if we don’t protect our privacy, every second of our lives will become commoditized.
The benefits of end-to-end encryption
There are many advantages of end-to-end encryption. While it all depends on what you want to achieve with it, its main benefits focus on privacy and security.
Deter cyber attacks
Hackers always look for the easiest target. Using end-to-end encryption puts up additional layers of security, making it clear that stealing data from you will be incredibly difficult.
Protect data
Even if, by accident or otherwise, the company would allow hackers to get into their network, they would get nothing. Data protected with end-to-end encryption looks like a scrambled mess to anyone without access rights.
Keep data private
When you allow big companies to “take care” of your data, you give them the right to analyze it however they want and use it for profit. But when you hold the keys, you prevent data scrapers and snoopers from getting to your files.
Preserve the integrity of the service provider
Actually, end-to-end encryption works both ways. In addition to protecting the user, it also helps the organization. When the company doesn’t have access to its users’ data, there is less risk of leaking it and damaging the company’s reputation.
Preserve the integrity of the service provider
Authoritarian regimes want to know what you do at all times. In this data-driven world, even democratic countries find benefits of snooping on the affairs of their citizens. Without end-to-end encryption, democracy would suffer because journalists, activists, and whistleblowers would have to take much higher risks.
Who can benefit from end-to-end encryption?
In recent years, the public has become aware of the data collection, surveillance, and profiling that follow every click online. End-to-end encryption gives the power back to users, allowing them to control what they share and what stays private in a few clicks.
End-to-end encryption is crucial for communication: audio, video, data sharing, and any other type. It provides security to journalists and whistleblowers. It's also a way for businesses and government institutions to communicate with clients and protect their data from hackers. Even mundane web browsing is more secure because end-to-end encryption defends users from snoopers, tracking algorithms, and low-ethics brands.
Can end-to-end encryption be hacked?
Yes, end-to-end encryption is arguably the safest way to store data. While it also has disadvantages, this kind of security limits third parties from accessing the data without your permission. End-to-end encryption is appealing because data security doesn’t depend on the device or the server used to store it. Even if someone breaks in and steals the data, they can’t decrypt it.
Disadvantages of end-to-end encryption
End-to-end encryption does have its disadvantages. It prevents big companies from analyzing your data, so it may lead to limited access to app features. For example, without the metadata of your photos, Google couldn’t sort them by date or location.
Also, while end-to-end encryption keeps your data secure, you must remember that device security is paramount. Even advanced encryption algorithms can’t protect you if you keep your passwords on a sticky note. That’s why you should protect your account with additional layers of security like PIN codes, recovery keys, and multi-factor authentication.
How does NordLocker use end-to-end encryption?
If you want to share files securely via NordLocker, end-to-end encryption will make sure that only the intended recipient will be able to access them. You can exchange keys by granting the person permission to access your locker. To do that, right-click on one of your local lockers and select Share locker. Then, enter the recipient’s email address and click Add.
If you’re sharing your locker with a NordLocker user, the locker will sync to their cloud. If not, we’ll lead them through the account registration and help them get access to your shared locker.
Also, thanks to the new “Share Via Link” feature, you can create a copy of an encrypted file and share it with anyone you want using a securely generated link (URL). The recipient has to provide a dedicated security code (created together with the link) to access the file.
Here’s a real-life example of how E2EE works in NordLocker
Two people, Christina and John, create their NordLocker accounts to be able to exchange encrypted files. NordLocker provides each with a public key and a private key. While their public keys are stored on a NordLocker server, their private keys are kept on their personal devices.
When Christina wants to send an encrypted file to John, she encrypts her file using John’s public key and sends it to John. To decrypt the file he received from Christina, John must use the private key on his device.
Similarly, when it is John who wants to share an encrypted file with Christina, he encrypts his file with her public key so that Christina can open it with her private key. Simple, right?
Choose a plan that’s right for you
Frequently asked questions
E2EE encrypts communication directly between the users of a particular system so that no one else can have access to whatever they are sharing. TLS provides encryption between individual users and service providers. To use an analogy, if you could encrypt a physical letter using E2EE and send it to someone, it would mean that no one could open it but the receiver. However, if you used TLS to encrypt the letter, the post office would be able to have a peak.
Having end-to-end encryption on your phone means that you can encrypt files that are stored on your mobile device. What it also means is that your phone can be an endpoint in the E2EE communication. In other words, you can use your mobile device to share and receive encrypted files.
To unlock, or to be more specific, to decrypt a file you must have a key. If someone sent you an encrypted file it means they had used your public key to encrypt it. To open it, you must use your private key. There’s no way around it.
Both the E2EE algorithm and the keys you use to encrypt and decrypt files are so complex that some say it would take hundreds if not thousands of years to crack them. So, no matter if they are at rest or in transit, your encrypted files are virtually unreadable to anyone but yourself and the people you send them to.
End-to-end encryption can be beneficial to both the user and the service provider. This technology prevents third parties from eavesdropping on your conversations, emails, and cloud data. This way you, the user, get to control what companies and governments can know about you. And if you’re a service provider, end-to-end encryption helps you boost the security of the data you keep and, as a result, your reputation.
Contact us so we can help.