End to end encryption - Explained like I'm 5

February 09, 2023
manav@ente.io

Imagine a box. A box in which you put all your photos.

For safekeeping you give the box to a cloud storage service. But then, some nosy employees start peeking into the box.

Meanwhile, the cloud service company is training an AI, and for training their AI they need lots of data. So they cannot resist, and open the box so that they can train their AI on all the photos inside the box.

By now, the government also wants to join-in on the snooping, and demands (and gets) access to the box.

All this, when you are already paying the cloud service for storing your data!

While one can still excuse the company for nosy employees and governments as factors that are hard to control, or are under external control, it is unethical of them to systematically use your photos for training their own systems. Inspite of you paying them to store your data, they're essentially treating the photos as their own property.

With advancements in AI, this has become their real business model. At the cutting edge, all companies have access to the similar algorithms for their AI, and also have vast computing power at their disposal - so the differentiating factor between mediocre and scintillating AI is at the amount of data needed to train it.

Indeed, data is the new oil.

All this makes many of us uncomfortable. We don’t want people to peek into our photos. Even worse, AI models, which will never forget, remembering our private memories.

Is this the new unavoidable reality?

Luckily, there is a solution to this. End to end encryption.

Encryption is a mathematical way of locking a box of data so that it cannot be opened without the key. These companies already use encryption when they’re transferring your box of photos over the internet. But the key is with them, and so they can, and do, open the box as they wish.

With end to end encryption, also known as E2EE, you lock the box, and the key is with you. This is what "end to end" means. The key is with you.

The box is locked at your "end". The locked box is given to the E2EE service for storage. And when you want to see your photos again, maybe on a different device, you download the box again and open it on your "end".

This solves all the problems. No one in the middle can peek. Nosy employees, overbearing governments, or greedy companies - none of them can see your data, even if they want.

Of course, end-to-end encryption has some problems if its own. The biggest of these is that if you lose your key, the cloud storage service cannot help you recover your data - nobody can unlock the box without the key, so if the key is lost, then the box cannot be unlocked.

Another smaller problem is that locking and unlocking the data on your device itself requires your device to do a bit more work, especially for searching your photos. Previously many things were easy since they could be done on the server, which is not possible in an end to end encrypted service since the server can’t see the photos, so all this needs to be done on your device.

The good news is that newer phones nowadays have dedicated chips for specifically doing these searching and indexing locally. These chips make doing all these operations fast and battery efficient. So this problem is already on its way out.

Work still needs to be done to reduce the risk of losing the key. One way to do this is by introducing "social" recovery, where alternative 2-of-3 keys that can be distributed amongst your friends. The mathematics and technology for doing that is there, it does need wider adoption by E2EE service providers.

Now that you know what end to end encryption is, you should ask yourself: will you be comfortable giving a box of your personal photos to strangers? Likely not, and you’d want to lock your box first.

Similarly, end to end encryption is a way digitally of locking your box of photos before storing them on the cloud.

We hope you found this useful. Thank you for reading.

We've also published an abridged video version of this explanation, for people who prefer watching:

End-to-end encryption: In 3 minutes, explained like I'm 5

At Ente, we're building an end-to-end encrypted photo storage app. Take control of your privacy, and in style, with many features to go along. e.g. you can share original quality photos with your friends (most other apps apply compression to reduce quality of your photos); you can create collaborative albums where many people can add photos, even without needing the Ente app. All this, end-to-end encrypted.

If you would like to support our development efforts, you can upgrade to a paid plan or spread the word. Thank you for your support.