The TLDR

“Encrypted” is the most abused word in tech marketing. It can mean your data is protected from everyone including the company that stores it — or it can mean your data is protected in transit but readable by the service, law enforcement, and anyone who breaches the provider. When WhatsApp says “encrypted,” when Telegram says “encrypted,” and when your VPN says “encrypted,” they mean three completely different things. Understanding the difference is the gap between actual security and a false sense of it.

The Reality

Let’s take WhatsApp as the example everyone uses.

WhatsApp uses the Signal Protocol for end-to-end encryption. This means the content of your messages is encrypted on your device and can only be decrypted by the recipient’s device. Meta cannot read your message content. Law enforcement cannot read your message content (without compromising one of the endpoints).

But here’s what WhatsApp’s encryption does not protect: who you talk to, when you talk to them, how often, for how long, your IP address, your phone number, your device identifiers, your contact list, and your group memberships. That’s metadata. And Meta collects all of it. They use it for advertising. They share it with Facebook and Instagram for cross-platform profiling.

“Encrypted” is doing a lot of work in that sentence. The message is encrypted. Everything else about the message is wide open.

How It Works

Symmetric vs. Asymmetric Encryption

Symmetric encryption uses one key for both encryption and decryption. Think of it as a lockbox — the same key opens and closes it. AES-256 (Advanced Encryption Standard with 256-bit keys) is the standard. It’s fast. It’s what encrypts your hard drive, your VPN tunnel, and the bulk data in an HTTPS connection.

The problem: how do you share the key securely? If you send someone the key over the internet, anyone intercepting it can read everything.

Asymmetric encryption solves this with two keys — a public key (anyone can have it) and a private key (only you have it). Data encrypted with your public key can only be decrypted with your private key. RSA and elliptic curve cryptography (ECC) are the standards.

In practice, asymmetric encryption is used to securely exchange a symmetric key. Then the symmetric key handles the actual data encryption. This is the foundation of nearly every encrypted protocol you use.

TLS/HTTPS — The Padlock

When you see the padlock icon in your browser, it means your connection to that website uses TLS (Transport Layer Security). Here’s what actually happens:

  1. Your browser connects to the server and says “let’s encrypt”
  2. The server sends its certificate — signed by a Certificate Authority (CA) that your browser trusts
  3. Your browser verifies the certificate is valid and belongs to the correct domain
  4. They perform a key exchange (usually using elliptic curve Diffie-Hellman) to agree on a symmetric session key
  5. All data between you and the server is encrypted with that session key

What the padlock protects: The content of your communication with that specific site. Your passwords, form data, and page content are encrypted in transit.

What the padlock does NOT protect: Which site you’re visiting (the domain is visible via SNI — Server Name Indication — in the TLS handshake), your IP address, connection timing, and data volume. Your ISP knows you visited example.com even if they can’t read what you did there.
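To make the SNI point concrete, here is an added example (not from the original article) that constructs a minimal TLS 1.2-style ClientHello and pulls the host name out of its server_name extension, which is exactly the field a passive observer on the path, or a network monitoring tool, reads. It assumes a handshake layout with only the server_name extension and treats truncated or non-ClientHello records as "no SNI".

```python
import struct
from typing import Optional

def build_client_hello(server_name: str) -> bytes:
    """Constructed sample ClientHello (not a capture) carrying one SNI extension."""
    name = server_name.encode("ascii")
    # server_name extension body: list length, name_type 0 (host_name), name length, name
    sni_body = struct.pack("!HBH", len(name) + 3, 0, len(name)) + name
    ext = struct.pack("!HH", 0, len(sni_body)) + sni_body         # extension type 0 = server_name
    body = (
        b"\x03\x03"                                 # client_version: TLS 1.2
        + bytes(32)                                 # client_random (zeros in this sample)
        + b"\x00"                                   # empty session id
        + struct.pack("!H", 2) + b"\x13\x01"        # one cipher suite
        + b"\x01\x00"                               # one compression method: null
        + struct.pack("!H", len(ext)) + ext         # extensions block
    )
    handshake = b"\x01" + len(body).to_bytes(3, "big") + body    # HandshakeType client_hello
    return b"\x16\x03\x01" + struct.pack("!H", len(handshake)) + handshake  # TLS record header

def extract_sni(record: bytes) -> Optional[str]:
    """Return the host name sent in the clear in a ClientHello, or None."""
    try:
        if record[0] != 0x16 or record[5] != 0x01:  # not a handshake record / not ClientHello
            return None
        pos = 5 + 4 + 2 + 32                        # record hdr, handshake hdr, version, random
        pos += 1 + record[pos]                      # session id
        (cs_len,) = struct.unpack_from("!H", record, pos); pos += 2 + cs_len
        pos += 1 + record[pos]                      # compression methods
        if pos + 2 > len(record):
            return None                             # no extensions at all
        (ext_len,) = struct.unpack_from("!H", record, pos); pos += 2
        end = pos + ext_len
        while pos + 4 <= end:
            etype, elen = struct.unpack_from("!HH", record, pos); pos += 4
            if etype == 0:                          # server_name
                _, name_type, name_len = struct.unpack_from("!HBH", record, pos)
                if name_type == 0:
                    return record[pos + 5 : pos + 5 + name_len].decode("ascii")
            pos += elen
        return None
    except (IndexError, struct.error, UnicodeDecodeError):
        return None                                 # truncated or malformed record
```

The ciphertext that follows this record is opaque, but the name returned here is what "your ISP knows you visited example.com" rests on.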

End-to-End Encryption (E2E)

E2E encryption means only the sender and recipient can read the message. The server that relays the message cannot decrypt it. This is fundamentally different from TLS — with TLS, the server can read the data.

The Signal Protocol (used by Signal, WhatsApp, and Facebook Messenger’s encrypted mode) implements E2E using:

This is the gold standard. When Signal says “encrypted,” they mean it — content and, uniquely, much of the metadata is protected.

VPN Tunnels

A VPN encrypts all traffic between your device and the VPN server. Inside the tunnel, your ISP sees encrypted gibberish. Outside the tunnel — from the VPN server to the destination — the traffic travels normally.

What the VPN protects: Your traffic from your ISP and local network. Your real IP from the sites you visit.

What the VPN does NOT protect: Your traffic from the VPN provider (they see everything your ISP would have seen). Your browsing habits when you’re logged into Google or Facebook (they track you by account, not IP). Your device fingerprint.

The encryption protocol matters: WireGuard is modern, fast, and well-audited. OpenVPN is older but battle-tested. IPSec/IKEv2 is common on mobile. The underlying encryption (usually AES-256 or ChaCha20) is effectively unbreakable — the vulnerability is always somewhere else.

Disk Encryption

BitLocker (Windows), FileVault (macOS), and LUKS (Linux) encrypt your hard drive at rest. If someone steals your laptop while it’s powered off, they cannot read your data without your password.

If the laptop is powered on and unlocked, disk encryption provides zero protection — the data is already decrypted in memory.

Password Hashing

Hashing is a one-way function — it converts your password into a fixed-length string from which the password cannot feasibly be recovered. When you log in, the service hashes your input and compares the result to the stored hash.

bcrypt (the current standard) is intentionally slow — it takes ~100ms to hash one password. This means brute-force cracking is expensive.

MD5 (still used by negligent services) is fast — GPUs can compute billions of MD5 hashes per second. If your password is in a breach that used MD5, it’s already cracked.

Salting adds a random value to each password before hashing. This defeats precomputed rainbow tables because even identical passwords produce different hashes.

Telegram’s Gap

Telegram markets itself as a secure messenger. Here’s the reality:

Compare this to Signal, where everything is E2E encrypted by default — messages, calls, group chats, and file transfers. There is no unencrypted mode.

The gap between “Telegram is encrypted” (technically true at the transport layer) and “Telegram protects your messages from Telegram” (false by default) is where real harm happens.

Where Encryption Breaks

Endpoint Compromise

Encryption protects data in transit and at rest. If the device itself is compromised — malware, spyware like Pegasus (CVE-2023-41064), or physical access — the attacker reads the data after decryption. No encryption protocol can help you if the attacker is on your device.

Key Management Failures

Encryption is only as strong as its key management. If a service generates your keys for you and stores a copy, they have access. If a backup service stores your encryption key alongside your encrypted data, the backup is the vulnerability.

Legal Access

In the United States, FISA Section 702 allows intelligence agencies to compel service providers to provide access to communications of foreign targets — which routinely sweeps up domestic communications. National Security Letters (NSLs) compel disclosure without judicial oversight.

End-to-end encryption is the structural defense: if the service genuinely cannot decrypt the data, legal compulsion has nothing to act on. This is why governments worldwide push for “responsible encryption” (backdoors) and why Signal, Apple, and Proton resist.

Metadata Leakage

Even perfect encryption leaks patterns. The size of encrypted messages, their timing, their frequency, and their source/destination IPs all reveal information. Intelligence agencies have stated publicly that metadata is sufficient for targeting decisions. Content encryption is necessary. It is not sufficient.

What You Can Do

For messaging: Use Signal. Not because other options are bad, but because Signal is the only major platform where E2E encryption is the default for everything and metadata collection is architecturally minimized.

For browsing: HTTPS is near-universal in 2026. Ensure your browser has HTTPS-Only mode enabled. Use a VPN on untrusted networks. Understand that HTTPS protects content, not destination.

For storage: Enable disk encryption (BitLocker/FileVault/LUKS). Use a password manager with zero-knowledge architecture. Enable encrypted backups on your phone.

For evaluating “encrypted” products: Ask three questions:

  1. Who holds the encryption keys? (You, or the company?)
  2. Is it encrypted in transit, at rest, or both?
  3. What metadata is collected despite the encryption?

If the company can’t answer these clearly, the word “encrypted” is marketing.

Sources & Further Reading