End-to-end encryption, defined
End-to-end encryption means content is encrypted on the sender's device and can only be decrypted on an authorized recipient's device, so no server in between can read it. The keys exist only at the ends. This is different from HTTPS, which protects data in transit but lets the server read everything on arrival.
The three places encryption can live
Encryption protects data in three different places, and the differences decide who can read your content. The table below compares the three architectures factually: what each protects, and who holds the keys.
| Architecture | What it protects | Who holds the keys | Can the provider read content? |
|---|---|---|---|
| Encryption in transit (TLS/HTTPS) | Data moving over the network | Your device and the server, per connection | Yes, after it arrives |
| Encryption at rest | Data sitting on the provider's disks | The provider | Yes, at any time |
| End-to-end encryption | Content everywhere outside your devices | Only your devices | No, only the envelope and its metadata |
What the provider still sees
End-to-end encryption is a claim about content, not about everything. A provider running an end-to-end encrypted sync service still sees metadata: which account is syncing, when, and roughly how much. Honest products state this plainly. The claim worth testing is narrower and stronger: the provider cannot read what is inside the envelopes, not as a policy but as a property of the design.
In Violet
Violet, currently pre-launch, seals your content on your device under an AES-256-GCM key derived from your passphrase. Each stored record is an envelope of exactly two fields, a nonce and ciphertext, and the sealing and opening functions run only on the client, never on the server. AES-GCM is authenticated encryption, so a wrong key or any tampering with the envelope makes decryption fail loudly instead of returning garbage.
Definitions
- end-to-end encryption
- An arrangement where content is encrypted on the sender's device and decrypted only on an authorized endpoint, with the keys held exclusively at those endpoints, so no intermediate server can read the content.
- ciphertext
- The unreadable output of encryption. Without the key, ciphertext reveals nothing useful about the original content; with the key, it decrypts back to the original.
- plaintext
- The original readable data before encryption, or after successful decryption.
- envelope
- A stored encrypted record: the ciphertext plus the non-secret values needed to decrypt it later, such as a nonce. In Violet, an envelope is exactly a nonce and ciphertext.
- authenticated encryption
- Encryption that also proves integrity: decryption fails outright if the ciphertext was tampered with or the wrong key is used. AES-GCM is a widely used authenticated encryption mode.
Questions
Does HTTPS mean my messages are end-to-end encrypted?
No. HTTPS (TLS) encrypts data between your device and the server, which stops eavesdropping on the network. But the server decrypts everything on arrival and can read it all. End-to-end encryption additionally encrypts the content itself under keys the server never has, so the server stores only ciphertext.
What is a locked envelope in Violet?
It is the record Violet's server stores when cloud sync is on: a nonce plus ciphertext, produced on your device under a key derived from your passphrase. The server can store and return the envelope, but it cannot open it, because the key never leaves your devices.