End-to-end encryption
End-to-end encryption (E2EE) protects data continuously from sender to recipient, so that only these two endpoints can see the plaintext and no intermediary servers or service providers can read along.
End-to-end encryption (E2EE) is a cryptographic approach in which data is encrypted on the sender's device and only decrypted again on the recipient's device. Along the entire transmission path, including all intermediary servers, relays and service providers, the content exists exclusively as ciphertext. This sets E2EE fundamentally apart from pure transport encryption (such as TLS), where data may briefly appear in plaintext at each relay node. The private keys required for decryption always remain under the control of the endpoints and are never made accessible to the provider.
In practice, E2EE usually relies on hybrid schemes: asymmetric (public-key) cryptography is used to securely agree on a symmetric session key, which then encrypts the actual payload efficiently. Modern protocols such as the Signal protocol add perfect forward secrecy, deriving fresh keys for each message so that the compromise of one key does not retroactively expose past communication. Trustworthiness also depends on robust key management together with verification of key authenticity, in order to rule out man-in-the-middle attacks.
From an information security and data protection perspective, E2EE is an effective state-of-the-art building block for preserving confidentiality and integrity, minimising the circle of potential readers and significantly reducing the risk posed by server or provider compromise. The GDPR requires appropriate technical measures including encryption under Art. 32, and the NIS2 Directive explicitly names cryptography as a minimum risk-management measure. Nonetheless, E2EE does not replace a holistic security architecture: endpoint security, key management, metadata protection and availability considerations must be addressed alongside it, as must any requirements regarding the recoverability of encrypted data.
Legal Basis
Art. 32 GDPR (encryption as an appropriate technical measure); Art. 21(2)(h) NIS2 Directive (EU) 2022/2555 (use of cryptography and, where appropriate, encryption); ISO/IEC 27001 Annex A (cryptography); BSI IT-Grundschutz module CON.1 (cryptographic concept)
Practical Example
The information security officer of a mid-sized mechanical engineering company introduces an end-to-end encrypted collaboration solution for exchanging sensitive design data and contract documents with suppliers. They ensure that the private keys reside exclusively on the devices of authorised employees, define key management with a verification process for new contacts, and document in the cryptographic concept that the service provider itself has no access to the plaintext content. In this way they demonstrate to auditors that the confidentiality of the data, in line with Art. 32 GDPR and the NIS2 requirements, is maintained even if the cloud provider is compromised.