Practical Guide to Using End-to-end Encryption (E2EE) on Linux
End-to-end encryption is an increasingly popular method that online services are using to ensure their users’ security. End-to-end encryption, also known as E2EE, encodes messages sent from one user to another in a way that ensures that only the sender and recipient can decode the message. Using open-source technology can add another layer of security to E2EE software. Open-source technology has publicly available code, meaning that anyone can proofread the code for flaws and help find and fix bugs. Publicly reviewable code is especially important for security technology. The security of E2EE relies on the trust that only the sender and receiver of a message can read the message and that no one in the middle has access. Allowing users to check the code of a platform that uses E2EE helps ensure that the users’ communications are really encrypted.
End-to-end encryption uses a method known as public key encryption to ensure that only the sender and receiver of a message can read it. Public key encryption works by giving every user two “keys,” a private key and a public key. A message sent to a user is encrypted using the receiver’s public key, and the receiver’s private key is needed to decode it. This means that messages are unreadable to anyone who is not meant to receive them, including the company running the service. E2EE is primarily known for its use in messaging apps such as WhatsApp, Telegram, and Signal. However, it is also used for applications like password managers and data transfer and storage. In these cases, E2EE ensures that only the owner of the data is able to access it.
The Best Open-Source Software with End-To-End Encryption
There are many open-source programs that incorporate end-to-end encryption, and using these programs can help make everyday tasks more secure. Because end-to-end encryption is used for the transmission of messages between two parties, it is commonly found in secure messaging apps.
Linphone: Linphone is a free and open-source video calling software similar to Skype. Linphone uses several types of encryption, including E2EE for instant text messages. It is available on iOS, Android, Windows, Mac, and Linux.
Wire: Wire is an open-source video calling and messaging software focused on businesses and government clients. There are several different subscriptions available for iOS, Android, Windows, Mac, and Linux.
Delta Chat: Delta Chat is a messaging program similar to WhatsApp. Delta Chat uses protocols typically used for emails, meaning that Delta Chat can be used to message anyone with an email address, even if they do not have Delta Chat. It is available on iOS, Android, Windows, Mac, and Linux.
ChatSecure: ChatSecure is an encrypted messaging app available on iOS. ChatSecure is more basic than the other programs on this list since it is only available on iOS and only supports text messaging without attachments. However, it has a strong focus on security with many customizable security options.
Libreswan: Libreswan is a free and open-source VPN built for Linux. It has been around for 25 years and is included with several Linux distributions by default.
OpenVPN: OpenVPN is one of the most popular open-source VPNs available. While it does have compatibility with more devices than Libreswan, it is only free for a limited number of connected devices.
SoftEther: SoftEther is a free and open-source VPN available for Windows, Mac, and Linux. While it does take some work to set up, it is more customizable and available on more platforms than many alternatives.
Nextcloud: Nextcloud is a free open-source file sharing software that uses E2EE. Nextcloud is similar to Dropbox or Google Drive, except it is self-hosted instead of relying on third party servers, making it a good option for companies looking for privacy.
Tor Browser: Tor is one of the most secure browsers available. It is known for its use of onion routing, in which user traffic is sent through several layers of encryption.
Tutanota: Tutanota is an email service with a focus on privacy. It can be used to send encrypted emails, even to users who do not use Tutanota. It is free, open-source, and available on desktop and mobile devices.
Flaws of End-to-End Encryption
While end-to-end encryption is one of the best methods for keeping data secure, like everything, it has flaws and can be broken. First, E2EE only encrypts data in transit. If someone steals or hacks a phone, he or she can still read all the messages on the phone, even if they were sent using E2EE—once the data is sent, it is totally unencrypted. Additionally, “man-in-the-middle” attacks have been developed in which hackers intervene so that messages are encrypted with their keys instead of those of the intended recipient.
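The usual defence against the key substitution described above is to pin each contact's public key on first use and compare its fingerprint over a second channel. The following is an added Python example, not code from any program listed on this page; the `KeyPins` class, its status strings, and the sample key bytes are constructed for illustration.

```python
import hashlib, hmac

def fingerprint(public_key: bytes) -> str:
    """Human-comparable SHA-256 digest of a public key, in groups of four hex digits."""
    h = hashlib.sha256(public_key).hexdigest()
    return " ".join(h[i:i + 4] for i in range(0, len(h), 4))

class KeyPins:
    """Trust-on-first-use store: contact -> fingerprint of the first key seen."""
    def __init__(self):
        self.pins = {}
        self.verified = set()   # contacts whose fingerprint was compared out of band

    def check(self, contact: str, offered_key: bytes) -> str:
        """Call before encrypting to `contact` with a key handed over by the server."""
        fp = fingerprint(offered_key)
        pinned = self.pins.get(contact)
        if pinned is None:
            self.pins[contact] = fp       # first contact: pinned but not yet trusted
            return "new-unverified"
        if not hmac.compare_digest(pinned, fp):
            return "KEY-CHANGED"          # do not encrypt until the user re-verifies
        return "verified" if contact in self.verified else "unverified"

    def confirm(self, contact: str, fingerprint_from_contact: str) -> bool:
        """Record the result of comparing fingerprints in person or by phone."""
        ok = hmac.compare_digest(self.pins.get(contact, ""), fingerprint_from_contact)
        if ok:
            self.verified.add(contact)
        return ok

def demo():
    # Constructed stand-ins for real public keys.
    bob_key, substituted_key = b"\x01" * 32, b"\x02" * 32
    pins = KeyPins()
    return [pins.check("bob", bob_key),                  # first use
            pins.confirm("bob", fingerprint(bob_key)),   # out-of-band comparison
            pins.check("bob", bob_key),                  # same key later
            pins.check("bob", substituted_key)]          # server offers another key
```

Pinning alone does not catch a substitution that is already in place at first contact, which is why the out-of-band `confirm` step exists.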
Some programs also have backdoors: intentional exploits created by developers that allow them to access the data of their users. While this is unlikely to be a concern for users who are not breaking laws, backdoors can be taken advantage of by malicious attackers who discover them. This is one benefit of open-source software: it cannot have any secret backdoors because its code is publicly viewable.
While no encryption algorithm is perfect, using software that incorporates end-to-end encryption is a great way to stay private and secure. Furthermore, ensuring that E2EE software is open-source can improve security even more by certifying that the software is well proofread and tested and that it is truly private and secure. Ultimately, while end-to-end encryption has flaws, it is one of the best ways to keep messages confidential.