What is encryption and why is it important?

Encryption is a mathematical process used to scramble a message or a file so that only a person or entity with the key can “decrypt” it and read it.  Without any encryption in place, our messages are left open to being read by potential adversaries, including your telecom or internet service provider (ISP), unfriendly governments, or hackers on the web. The Electronic Frontier Foundation’s Surveillance Self Defense Guide provides a practical explanation (with graphics) of what encryption means:

As you can see in the image above, a smartphone sends a green, unencrypted text message (“hello”) to another smartphone on the far right. Along the way, a cellphone tower (or in the case of something sent over the internet, your internet service provider, known as an ISP) passes the message along to company servers. From there it hops through the network to another cellphone tower, which can see the unencrypted “hello” message, and is finally then routed to the destination. It is important to note that without any encryption, everyone involved in relaying the message, and anyone who can sneak a peek as it goes by can read its content. This might not matter much if all you are saying is “hello,” but it could be a big deal if you are communicating something more private or sensitive that you do not want your telecom, ISP, an unfriendly government, or any other adversary to see. Because of this, it is essential to avoid using unencrypted tools to send any sensitive messages (and ideally any messages at all.) Keep in mind that some of the most popular communication methods - such as SMS and phone calls - practically operate without any encryption (like in the image above).

There are two ways to encrypt data as it moves: transport-layer encryption and end-to-end encryption. The type of encryption a service provider supports is important to know as your organization makes choices to adopt more secure communications practices and systems. Such differences are described well by the Surveillance Self Defense Guide, which is adapted again here:

Transport-layer encryption, also known as transport layer security (TLS), protects messages as they travel from your device to the messaging app/service’s servers and from there to your recipient’s device. This protects them from the prying eyes of hackers sitting on your network or your internet or telecommunications service providers. However, in the middle, your messaging/email service provider, the website you are browsing, or the app you are using can see unencrypted copies of your messages. Because your messages can be seen by (and are often stored on) company servers, they may be vulnerable to law enforcement requests or theft if the company’s servers are compromised.

The image above shows an example of transport-layer encryption. On the left, a smartphone sends a green, unencrypted message: “Hello.” That message is encrypted and then passed along to a cellphone tower. In the middle, the company servers are able to decrypt the message, read the contents, decide where to send it, re-encrypt it, and send it along to the next cellphone tower towards its destination. At the end, the other smartphone receives the encrypted message, and decrypts it to read “Hello.”

End-to-end encryption protects messages in transit all the way from sender to receiver. It ensures that information is turned into a secret message by its original sender (the first “end”) and decoded only by its final recipient (the second “end”). No one, including the app or service you are using, can “listen in” and eavesdrop on your activity.

The image above shows an example of end-to-end encryption. On the left, a smartphone sends a green, unencrypted message: “Hello.” That message is encrypted, and then passed along to a cellphone tower and then to the app/service’s servers, which cannot read the contents, but will pass the secret message along to its destination. At the end, the other smartphone receives the encrypted message, and decrypts it to read “Hello.” Unlike transport-layer encryption, your ISP or messaging host is not able to decrypt the message. Only the endpoints (the original devices sending and receiving encrypted messages) have the keys to decrypt and read the message.

What type of encryption do we need?

When deciding whether your organization needs transport-layer encryption or end-to-end encryption for your communications (or some combination of the two for different systems and activities), the big questions you should ask involve trust. For instance, do you trust the app or service you are using? Do you trust its technical infrastructure? Are you concerned about the possibility that an unfriendly government could force the company to hand over your messages – and if so, do you trust the company's policies to protect against law enforcement requests?

If you answer “no” to any of these questions, then you need end-to-end encryption. If you answer “yes” to them, then a service that supports only transport-layer encryption may suffice - but it is generally better to go with services that support end-to-end encryption when possible.

When messaging with groups, keep in mind that the security of your messages is only as good as the security of everyone receiving the messages. In addition to carefully choosing secure apps and systems, it is important that everyone in the group follows other best practices regarding account security and device security. All it takes is one bad actor or one infected device to leak the contents of an entire group chat or call.

What end-to-end encrypted messaging tools should we use (as of 2022)?

If you need to use end-to-end encryption, or just want to adopt the best practice regardless of your organization’s threat context, here are some trusted examples of services that, as of 2022, offer end-to-end encrypted messaging and calls. This section of the Handbook will be regularly updated online, but please note that things change quickly in the world of secure messaging, so these recommendations may not be up to date at the time you are reading this section. Keep in mind that your communications are only as secure as your device itself. So in addition to adopting secure messaging practices, it is essential to implement the best practices described in the "Secure Devices" section of this Handbook.

What is metadata and should we be concerned about it?

Who you and your staff talk to and when and where you talk to them can often be just as sensitive as what you talk about. It is important to remember that end-to-end encryption only protects the contents (the “what”) of your communications. This is where metadata comes into play. EFF’s Surveillance Self-Defense Guide provides an overview of metadata and why it matters to organizations (including an illustration of what metadata looks like):

Metadata is often described as everything except the content of your communications. You can think of metadata as the digital equivalent of an envelope. Just like an envelope contains information about the sender, receiver, and destination of a message, so does metadata. Metadata is information about the digital communications you send and receive. Some examples of metadata include:

• who you are communicating with
• the subject line of your emails
• the length of your conversations
• the time at which a conversation took place
• your location when communicating

Even a tiny sample of metadata can provide an intimate lens into your organization’s activities. Let us take a look at how revealing metadata can actually be to the hackers, government agencies, and companies that collect it:

• They know you called a journalist and spoke with them for an hour before that journalist published a story with an anonymous quote. However, they do not know what you talked about.
• They know one of your party candidates frequently messaged a local business infamous for unsavory activity. But the topic of the messages remains a secret.
• They know you got an email from a COVID testing service, then called your doctor, then visited the World Health Organization’s website in the same hour. However, they do not know what was in the email or what you talked about on the phone.
• They know you received an email from a large donor with the subject line “Return on Our Investment After the Election”. But the content of the email is invisible to them.

Metadata is not protected by the encryption provided by most message services. If you are sending a message on WhatsApp, for example, keep in mind that while the contents of your message are end-to-end encrypted, it is still possible for others to know who you are messaging, how frequently, and, with phone calls, for how long. As a result, you should keep in mind what risks exist (if any) if certain adversaries are able to find out who your organization talks to, when you talked to them, and (in the case of email) the general subject lines of your organization’s communications.

One of the reasons that Signal is so highly recommended is that, in addition to providing end-to-end encryption, it has introduced features and made commitments to reduce the amount of metadata that it records and stores. For instance, Signal’s Sealed Sender feature encrypts the metadata about who is talking to whom, so that Signal only knows the recipient of a message but not the sender. By default this feature only works when communicating with existing contacts or profiles (people) with whom you have already communicated or whom you have stored in your contacts list. However you can enable this “Sealed Sender” setting to “Allow from anyone” if it is important for you to eliminate such metadata across all Signal conversations, even those with people unknown to you.

What about email?

Most email providers, for example Gmail, Microsoft Outlook, and Yahoo Mail, employ transport-layer encryption. So if you must communicate sensitive content using email and are worried that your email provider could be legally required to provide information about your communications to a government or another adversary, you may want to consider using an end-to-end encrypted email option. Keep in mind, however, that even end-to-end encrypted email options leave something to be desired from a security perspective, for example, not encrypting subject lines of emails and not protecting metadata. If you need to communicate particularly sensitive information, email is not the best option. Instead opt for secure messaging options like Signal.

If your organization does continue to use email, it is critical to adopt an organization-wide system. This helps you limit the common risks that arise when staff use personal email addresses for their work, such as poor account security practices. For example, by providing organization-issued email accounts to staff, you can enforce best practices like strong passwords and 2FA on any accounts your organization manages. If, according to your analysis above, end-to-end encryption is necessary for your email, both Protonmail and Tutanota offer plans for organizations. If transport-layer encryption is adequate for your organization’s email, options like Google Workspace (Gmail) or Microsoft 365 (Outlook) can be useful.

Can we really trust WhatsApp?

WhatsApp is a popular choice for secure messaging, and can be a good option given its ubiquity. Some people are concerned that it is owned and controlled by Facebook, which has been working to integrate it with its other systems. People are also concerned about the amount of metadata (i.e. information about with whom you communicate and when) that WhatsApp collects. If you choose to use WhatsApp as a secure messaging option, be sure to read the above section on metadata. There are also a few settings that you need to ensure are properly configured. Most critically, be sure to turn off cloud backups or, at the very least, enable WhatsApp’s new end-to-end encrypted backups feature using a 64 digit encryption key or long, random, and unique passcode saved in a secure place (like your password manager). Also be sure to show security notifications and verify security codes. You can find simple how-to guides for configuring these settings for Android phones here and iPhones here. If your staff *and those with whom you all communicate* do not properly configure these options, then you should not consider WhatsApp to be a good option for sensitive communications that require end-to-end encryption. Signal still remains the best option for such end-to-end encrypted messaging needs given its secure default settings and protection of metadata.

What about texting?

Basic text messages are highly insecure (standard SMS is effectively unencrypted), and should be avoided for anything that is not meant for public knowledge. While Apple’s iPhone-to-iPhone messages (known as iMessages) are end-to-end encrypted, if a non-iPhone is in the conversation the messages are not secured. It is best to be safe and avoid text messages for anything remotely sensitive, private, or confidential.

Why aren’t Telegram, Facebook Messenger, or Viber recommended for secure chats?

Some services, like Facebook Messenger and Telegram, only offer end-to-end encryption if you deliberately turn it on (and only for one-to-one chats), so they are not good options for sensitive or private messaging, especially for an organization. Do not rely on these tools if you need to use end-to-end encryption, because it is quite easy to forget to change away from the default, less secure settings. Viber claims to offer end-to-end encryption, but has not made its code available for review to outside security researchers. Telegram’s code has also not been made available for a public audit. As a result, many experts fear that Viber’s encryption (or Telegram’s “secret chats”) may be substandard and therefore not suitable for communications that require true end-to-end encryption.

Our contacts and colleagues are using other messaging apps - how can we convince them to download a new app to communicate with us?

Sometimes there is a tradeoff between security and convenience, but a little extra effort is worth it for sensitive communications. Set a good example for your contacts. If you have to use other  less secure systems, be very conscious of what you are saying. Avoid discussion of sensitive topics. For some organizations, they may use one system for general chatting and another with leadership for the most confidential discussions. Of course, it is simplest if everything is just automatically encrypted all the time - nothing to remember or think about.

Luckily, end-to-end encrypted apps like Signal are becoming increasingly popular and user-friendly - not to mention that they have been localized in dozens of languages for global use. If your partners or other contacts need help switching communications over to an end-to-end encrypted option like Signal, take some time to talk them through why it is so important to properly protect your communications. When everyone understands the importance, the few minutes required to download a new app and the couple of days it might take to get used to using it will not seem like a big deal.

Are there other settings for end-to-end encrypted apps that we should be aware of?

In the Signal app, verifying security codes (which they refer to as Safety Numbers) is also important. To view a safety number and verify it in Signal, you can open up your chat with a contact, tap their name at the top of your screen, and scroll down to tap “View Safety Number.” If your safety number matches with your contact, you can mark them as “verified” from that same screen. It is especially important to pay attention to these safety numbers and to verify your contacts if you receive a notification in a chat that your safety number with a given contact has changed. If you or other staff need help configuring these settings, Signal itself provides helpful instructions.

If using Signal, which is widely considered to be the best user-friendly option for secure messaging and one-to-one calls, be sure to set a strong pin. Use at least six digits, and not something easy-to-guess like your birth date. 

For more tips on how to properly configure Signal and WhatsApp, you can check out the tool guides for both developed by EFF in their Surveillance Self-Defense Guide.

What about larger group video calls? Are there end-to-end encrypted options?

With the increase in remote work, it is important to have a secure option for your organization’s large group video calls. Unfortunately, no great options currently exist that check all the boxes: user-friendly, support large numbers of attendees and collaboration features, and enable end-to-end encryption by default.

For groups of up to 40 people, Signal is a highly recommended end-to-end encrypted option. Group video calls on Signal can be joined either from a smartphone or the Signal desktop app on a computer, which allows for screen sharing. Keep in mind, however, that only your contacts who already use Signal can be added to a Signal group.

If you are looking for other options, one platform that recently added an end-to-end encrypted setting is Jitsi Meet. Jitsi Meet is a web-based audio and video conferencing solution that can work for large audiences (up to 100 people) and requires no app download or special software. Note that if you use this feature with large groups (more than 15-20 people) the call quality may decrease. To set up a meeting on Jitsi Meet, you can go to meet.jit.si, type in a meeting code and share that link (via a secure channel such as Signal) with your desired participants. To use end-to-end encryption, take a look at these instructions outlined by Jitsi. Note that all individual users will need to enable end-to-end encryption themselves in order for it to work. When using Jitsi, be sure to create random meeting room names and to use strong passcodes to protect your calls.

If this option does not work for your organization, you can consider using a popular commercial option like Webex or Zoom with end-to-end encryption enabled. Webex has long allowed for end-to-end encryption; however, this option is not turned on by default and requires participants to download Webex to join your meeting. To get the end-to-end encrypted option for your Webex account you must open a Webex support case and follow these instructions to ensure end-to-end encryption is configured. Only the host of the meeting needs to enable end-to-end encryption. If they do so, the entire meeting will be end-to-end encrypted. If using Webex for secure group meetings and workshops, be sure to also enable strong passcodes on your calls.

After months of negative press, Zoom developed an end-to-end encryption option for its calls. However, that option is not turned on by default, requires that the call host associate their account with a phone number, and only works if all participants join via the Zoom desktop or mobile app instead of dialing in. Because it is easy to accidentally misconfigure these settings, it is not ideal to rely on Zoom as an end-to-end encrypted option. However, if end-to-end encryption is required and Zoom is your only option, you can follow Zoom’s instructions to configure it. Just be sure to check any call before it starts to ensure it is indeed end-to-end encrypted by clicking the green lock in the upper left-hand corner of the Zoom screen and seeing “end-to-end” listed next to the encryption setting. You should also set a strong passcode for any Zoom meeting.

In addition to the tools mentioned above, this flow-chart developed by Frontline Defenders highlights some video call and conferencing options that, depending upon your risk context, might make sense for your organization.

It is worth noting, however, that certain popular features of the above tools only work with transport-layer encryption. For example, turning on end-to-end encryption in Zoom disables breakout rooms, polling capabilities, and cloud recording. In Jitsi Meet, breakout rooms can disable the end-to-end encryption feature, leading to an unwitting decrease in security.

What if we really do not need end-to-end encryption for all our communications?

If end-to-end encryption is not needed for all of your organization’s communications based upon your risk assessment, you can consider using applications protected by transport-layer encryption. Remember, this type of encryption requires that you trust the service provider, such as Google for Gmail, Microsoft for Outlook/Exchange, or Facebook for Messenger, because they (and anyone they might be compelled to share information with) can see/hear your communications. Once again, the best options will depend upon your threat model (for example, if you do not trust Google or if the U.S. government is your adversary, then Gmail is not a good option), but a few popular and generally trusted options include:

A note about file sharing

In addition to securely sharing messages, sharing files safely is likely an important part of your organization’s security plan. Most file-sharing options are built-in to messaging applications or services that you might already be using. For instance, sharing files via Signal is a great option if end-to-end encryption is needed. If transport-layer encryption is enough, using Google Drive or Microsoft SharePoint might be a good option for your organization. Just be sure to configure sharing settings properly so that only the appropriate people have access to a given document or folder, and ensure that these services are connected to staff’s organizational (not personal) email accounts. If you can, prohibit sharing sensitive files via email attachments or physically with USBs. Using devices like USBs within your organization greatly increases the likelihood of malware or theft and relying on email or other forms of attachments weakens your organization’s defenses against phishing attacks.