The difference between end-to-end encryption and end-to-end security


Whilst end-to-end encryption is the safest way to secure your data as it travels between connected entities, it’s not the whole picture when it comes to truly secure business communication. If you want to ensure the absolute security of your conversations, data and intellectual property you need to understand end-to-end security and how security extends beyond encryption.



So what is End-To-End encryption?


End-To-End encryption (E2EE) is a form of encryption that uses complex algorithms to secure data as it travels between users to ensure no third-party can ever view your communicated content. E2EE uses these algorithms to place a ‘lock’ on your data and communications and only people you give access to the unique ‘key’ can unlock this data.


Each user has two sets of keys, a public key and a private key. Your public key is used by the sender to encrypt the data before it is sent to you, and your private key is used to decrypt it on arrival. As the data travels between users, no one can view or read it as they do not have the unique private key which unlocks the data (which is stored safely and never in the hands of someone without permission).


This means that no one, not even the server, network provider or encryption provider has the ability to view your end-to-end encrypted data as they do not have the unique key required to unlock that data.



What other types of encryption are used?


Whilst there are many other forms of encryption security none of them are as secure as end-to-end encryption. For example ‘encryption in-transit’ may encrypt data as it travels but it can be, or often will be, decrypted as it is routed through servers before being re-encrypted, exposing it to vulnerabilities. The other common form of encryption is ‘in-transit and at rest’ which does encrypt the data for the whole journey however parties such as the service provider, who may not be trusted, have access to the keys that unlock that data, again exposing vulnerabilities.


How does end-to-end encryption differ from end-to-end security


End-to-end encryption is just a piece in the puzzle of ensuring total security, it’s the right place to start but if other security practices are being ignored, your sensitive data is no longer completely secure. There is no utility in encrypting data, if someone else has the ability to login to your account or access the data with a simple URL.


That’s why DekkoSecure isn’t just an encryption company, we are a security company. As encryption is just one crucial step, but one step nonetheless in ensuring total security. Dekko presents a complete end-to-end security approach by mitigating the human and technological risks beyond just data encryption to help provide total security. These additional steps eliminate security gaps ensuring the confidentiality of data, communications and intellectual property whether that be in files, documents, chat, email or video conferencing. At Dekko we provide security beyond encryption through the following steps:


  • Authentication: Dekko takes additional steps beyond industry standard to authenticate that the user is indeed the intended recipient. Unlike other services where you may be able to access a document or video call simply by clicking a link, Dekko requires you to login and authenticate yourself. Digital signatures are also used to ensure your content cannot be tampered with.

  • Authorisation: Dekko actively checks for who has authorisation to sensitive data. In comparison many other platforms may still give you access to data using a link (which often contains the required encryption key), URL or password that could be maliciously intercepted. Dekko also ensures that authorisations that are revoked are done so cryptographically.

  • Integrity: Dekko verifies the integrity of its platform through a number of steps such as running its applications in the browser ensuring they are fully updated with no need for software updates and offering data sovereignty to improve traceability.

  • Verifiability: Rather than typical applications where organisers are responsible of inviting participants through URL or email, exposing them to the risk of phishing attacks, Dekko manages this in the application to improve verifiability.

  • Auditability: Audit logs provide crucial data on data, when it has been altered, who has accessed and when and using Dekko this is stored encrypted within the cloud to mitigate risk of tampering.


If you want more information on our end-to-end encrypted, video conferencing platform visit us at https://www.dekkosecure.com/videoconferencing.


We also offer a complete product suite of integrated, end-to-end encrypted collaboration tools including video conferencing, email, chat and document signing, to find out more about these visit us at https://www.dekkosecure.com/.

© DekkoSecure 2020. All rights reserved.