How end-to-end encryption works

Alice’s phone

1. Alice writes a message to Bob

2. Her phone retrieves Bob’s public key from the server

and uses it to encrypt the message so only a phone with Bob’s private key can decrypt it

Encrypted

message

Server

Public keys are held on the server but private keys are only held by an owner’s phone

Anybody trying to intercept the message can’t decrypt it as they don’t have the private key from Bob’s phone

3. Bob’s phone receives the encrypted message

Encrypted

message

4. His phone has the correct private key

and so can decrypt

the message for Bob to read

Bob’s phone

Alice’s phone

Server

Bob’s phone

Encrypted message

1. Alice writes a message to Bob

2. Her phone retrieves Bob’s public key from the server

3. Bob’s phone receives the encrypted message

4. His phone has the correct private key

Public keys are held on the server but private keys are only held by an owner’s phone

and uses it to encrypt the message so only a phone with Bob’s private key can decrypt it

and so can decrypt

the message for Bob to read

Encrypted message

Anybody trying to intercept the message can’t decrypt it as they don’t have the private key from Bob’s phone