The million dollar question ?
"Encryption" is a term used sporadically and often open to interpretation. To better understand what end-to-end encryption is we have created this little example to highlight why end-to-end encryption is radically different to encryption at rest, or in transit.
These are a few examples that illustrate why end-to-end-encrypted tools like Wire have less points of weakness and much better protection against cyber criminals than traditional collaboration platforms or email.
Hide a million dollars
Imagine you are given one million dollars in one dollar bills and asked to store them securely in one of two ways:
To guarantee minimum impact, should your code be compromised, most people would instinctively choose option B, yet in the IT world, most people choose A. Anything offering "encryption at rest" is nothing more than one secured vault with all your data. When compromised all the contents of the vault (in most cases a central server) will be out in the open, no matter who, or how many stored their content there. If, by gaining access, criminals would gain 1 million dollars, they would not bat an eye. However, if it requires the same effort over and over to gain only one dollar at a time, the reward is far less inviting.
Safety in numbers
No communication and collaboration system is static - new messages, calls, and files are exchanged every day. If we apply this to our safe example, and for the sake of comparison say that one file is worth one dollar, we now have these 2 options after 10 days:
Consider now that all files and communication are not equally valuable. Sure, all your communications in clear text are worth everything but one message here and another there, without any context, is far less likely to have any sort of value. The system of end-to-end-encrypted messages grows in complexity on a daily basis while the complexity of the central vault remain the same.
Place your bets?
In the end the challenge for a cyber criminal to find the valuable files to hold ransom, comes down to the following odds:
As time passes, end-to-end encrypted systems tip the odds increasingly in our favor.
Combine this with forward and backward secrecy, meaning that new encryption keys are used for each and every message, and it decreases the impact any compromised key could have.