Close Menu
  • Home
  • News
  • Security
  • Privacy
  • Cybercrime
    • Threat Groups
    • Ransomware
    • Explainers
    • Stealer Logs
  • AI
  • OSINT
  • Tools
    • Ransomtracker
    • Stealercheck
    • FortiBleed Checker
  • About Us
Facebook X (Twitter) Instagram Threads
Ransomnews
  • Home
  • News
  • Security
  • Privacy
  • Cybercrime
    • Threat Groups
    • Ransomware
    • Explainers
    • Stealer Logs
  • AI
  • OSINT
  • Tools
    • Ransomtracker
    • Stealercheck
    • FortiBleed Checker
  • About Us
Facebook X (Twitter) LinkedIn
Ransomnews
Privacy

End-to-End Encryption Explained: Signal, iMessage, WhatsApp, and the Limits of E2EE

Jesse William McGrawBy Jesse William McGrawApril 26, 2026No Comments7 Mins Read57 Views
Share Facebook Twitter Pinterest LinkedIn Tumblr Email Copy Link
Two endpoints with bright encrypted channel passing through dim observer shadows representing E2EE
Share
Facebook Twitter LinkedIn Pinterest Email Copy Link

End-to-end encryption is the technology that lets two people communicate over an untrusted network with strong assurance that no one in between, including the platform operator, can read what they say. It is not new (PGP dates to 1991), it is not magic, and it is the single most consequential piece of consumer-facing privacy technology to enter mainstream use. The 2010s decade of "private messaging" was largely the story of E2EE moving from niche to default. The 2020s have been the story of governments trying, with varying success, to push back against it.

Understanding what E2EE actually does, and what it does not, is essential before having any opinion about the politics.

The cryptographic guarantee

E2EE means that messages are encrypted on the sender’s device with a key that only the recipient’s device possesses. The platform operator routes the ciphertext but does not hold the decryption key. The contents are mathematically inaccessible to anyone except the endpoints.

The dominant protocol is the Signal Protocol, originally developed by Open Whisper Systems and now maintained by Signal Messenger LLC. The protocol combines:

Curve25519 elliptic-curve Diffie-Hellman key exchange.

The "X3DH" extended triple Diffie-Hellman handshake, which lets parties establish keys even when the recipient is offline.

The Double Ratchet algorithm, which derives a fresh encryption key for every message and rotates aggressively.

These give two important properties: forward secrecy (compromise of long-term keys does not decrypt past messages) and post-compromise security or "future secrecy" (compromise of one message’s key does not decrypt subsequent messages).

The full protocol specification is at signal.org/docs/.

What E2EE protects

The contents of messages and media in transit and at rest on platform servers.

The contents from disclosure to law enforcement subpoenas served on the platform: the platform genuinely cannot produce something it does not hold.

The contents from a passive network attacker: an ISP, a Wi-Fi sniffer, a state-level eavesdropper.

The contents from compromise of the platform’s servers: a breach of WhatsApp’s infrastructure does not expose user message contents.

What E2EE does not protect

The contents on the endpoints themselves. If your phone is compromised, E2EE is irrelevant.

Metadata. Who you message, when, how often, for how long, from what IP, none of that is encrypted by E2EE in most implementations. Metadata can be more revealing than content. The "We Kill People Based on Metadata" quote (former NSA director Michael Hayden, 2014) summarised the position bluntly.

Cloud backups. iCloud Backup and Google Backup historically stored decrypted message contents (or backup keys) accessible to Apple/Google and therefore to law enforcement. iCloud’s Advanced Data Protection (opt-in) and Google’s end-to-end encrypted RCS backups partially address this, but most users have not enabled them.

Endpoint metadata leaks. Read receipts, typing indicators, online status, profile photos, these are sometimes E2EE’d and sometimes not, depending on the app.

Group-membership lists. The contents are encrypted; who is in the group is often known to the platform.

The major implementations, compared

Signal. The reference implementation. Open source on both clients and server, minimal metadata retention (the "Sealed Sender" feature reduces sender metadata; Signal famously responds to subpoenas with the only information it has: account creation date and last connection time). Signal’s threat model is the strongest of the consumer apps and the user experience is now competitive with mainstream messengers.

WhatsApp. Uses the Signal Protocol since 2016 for message contents. Owned by Meta. Metadata flows back to Meta’s broader graph: contact information, group memberships, frequency of communication, profile metadata. WhatsApp message contents are E2EE’d; the social graph around them is fully visible to Meta.

iMessage. Apple’s E2EE protocol, recently upgraded to PQ3 (post-quantum 3, announced February 2024) which adds a Kyber-768 layer for resistance to harvest-now-decrypt-later attacks. iCloud Backup historically broke iMessage E2EE because keys were stored in iCloud; Advanced Data Protection (released December 2022) fixes this for users who enable it.

RCS with Google Messages. Rich Communication Services as deployed by Google now supports E2EE for Android-to-Android conversations. Cross-platform RCS (Android-to-iPhone) since iOS 18 does not yet support E2EE, the standardisation work for cross-OS RCS E2EE is ongoing in the GSMA.

Telegram. Default chats are not E2EE. Cloud Chats (the default) are encrypted between client and Telegram servers but Telegram holds the keys. Secret Chats are E2EE but use Telegram’s bespoke MTProto 2.0 protocol, which has been the subject of cryptographic concern over the years. Group chats are not E2EE in any mode.

Matrix / Element. Decentralised, open-source, federated. E2EE via the Olm and Megolm protocols, conceptually similar to Signal’s. Used heavily in security and privacy communities and increasingly by governments (the French government’s Tchap is a Matrix fork).

A useful summary table is maintained by the EFF’s Surveillance Self-Defense project at ssd.eff.org and the Securemessagingapps.com comparison.

The metadata problem, in detail

The reason metadata matters: a list of "Alice messaged Bob’s-suicide-hotline-account at 2 a.m. on Tuesday" reveals more than the contents of the message. Network traffic analysis of E2EE messengers can reveal:

Patterns of who-talks-to-whom. Construction of social graphs.

Times of activity. Sleep patterns, work schedules, geographic time zones.

Volumes of communication. Stress periods, intensity of relationships.

Combined with location data from the device or carrier, the picture becomes very detailed.

Signal’s Sealed Sender, Signal’s contact-discovery using oblivious-RAM, and the experimental Private Information Retrieval techniques being deployed in some apps reduce metadata exposure. Most apps, including WhatsApp, do not implement these.

The legal landscape

The political pressure on E2EE is consistent across democracies: law enforcement and intelligence agencies argue that E2EE prevents them from accessing communications related to serious crime. Privacy advocates and most cryptographers argue that "lawful access" mechanisms inherently weaken the encryption against all attackers, including criminals and foreign states.

Live legislative fights:

UK Online Safety Act. Includes provisions that could require client-side scanning of messages on E2EE platforms. Apple, Signal, and WhatsApp publicly threatened to withdraw services from the UK; the government has so far declined to use the powers.

EU "Chat Control" / CSAM Regulation. The proposed Child Sexual Abuse Material Regulation has gone through multiple drafts that would require client-side scanning of E2EE communications. The regulation is currently stalled in the Council of the European Union.

Australia’s Assistance and Access Act 2018. Provides the government powers to compel "technical assistance" that could break E2EE. Used sparingly.

US efforts. The EARN IT Act and other proposals have repeatedly attempted to condition liability protections on platform behaviour around encrypted content. None have passed as of mid-2026.

The cryptographic consensus, articulated in the 2015 "Keys Under Doormats" paper and the 2021 "Bugs in our Pockets" analysis of client-side scanning, is that there is no technical path to selective access that preserves the security of E2EE for legitimate users.

What ordinary users should know

Use Signal for sensitive personal conversations. The threat-model gap between Signal and WhatsApp is meaningful even though the cryptography is similar.

Enable Advanced Data Protection if you use iCloud and want backups to inherit E2EE.

Recognise that metadata leaks. Use Tor or VPN appropriately if metadata-level exposure is part of your threat model.

Update aggressively. The security of E2EE depends on the integrity of the endpoint software; outdated apps are the weak link.

Treat group chats carefully. The cryptography may be E2EE, but every member is a potential leak path.

E2EE is not perfect. It is the closest thing to a privacy floor the consumer internet has ever had. The decade-long effort to make it the default for consumer messaging is one of the privacy movement’s clearest successes; it is also a target that will require defence indefinitely.

Share. Facebook Twitter Pinterest LinkedIn Tumblr Telegram Email Copy Link
Previous ArticleData Brokers: Who Sells Your Personal Information and How to Opt Out
Next Article Tracking Pixels, Cookies, and the Modern Web Surveillance Stack
Jesse William McGraw

Jesse William McGraw, also known as GhostExodus, is a former insider threat and threat actor. He became the first person in recent U.S. history to be convicted of corrupting industrial control systems. Today he focuses on threat intelligence, OSINT, and public speaking, using his knowledge to bring awareness to the security risks that organisations and individuals face.

Related Posts

Top infostealer families in 2026: Lumma, RedLine, Vidar, StealC, and the new entrants

June 8, 2026

Stealer logs explained: what they hold, how they leak, and how to check yours

June 8, 2026

Ransomware ditched encryption in May 2026 โ€” here’s why

May 22, 2026

Comments are closed.

Facebook X (Twitter) LinkedIn
© 2026 Ransomnews.com

Type above and press Enter to search. Press Esc to cancel.

Cookies on Ransomnews

We use strictly-necessary cookies to run the site and may use first-party analytics to understand which articles are read. Some pages contain affiliate links โ€” when you click one, the affiliate network sets cookies on the merchant's domain to attribute the referral. See the Cookie Policy and Affiliate Disclosure for detail.

RANSOMNEWS.COM

Tracking the criminal infrastructure of the internet.

Independent coverage of ransomware, breach economics, threat actors, privacy, AI security, and the open-source investigation toolkit.

// Topics

  • News
  • Security
  • Privacy
  • Cybercrime
  • AI
  • OSINT
  • Threat Groups
  • Stealer Logs
  • Ransomtracker
  • Stealercheck
  • FortiBleed Checker

// Site

  • About Us
  • Editorial Team
  • Contact
  • Tip Line
  • Editorial

// Legal

  • Privacy Policy
  • Terms of Service
  • Cookie Policy
  • Funding & Independence
  • RSS Feed
© 2026 Ransomnews.com ยท Tracking the criminal infrastructure of the internet.