Most people picture encryption as a vault door slamming shut the moment they tap Send. The message goes in, a lock turns, and only the recipient can open it. That picture is accurate for roughly one step in a ten-step process. The other nine steps are worth understanding.
1. Your Message Gets Broken Into Pieces Before It’s Encrypted
Before any cryptographic work happens, your app segments the message into packets. This is standard TCP/IP behavior: a long message becomes dozens of small chunks, each one routed independently across the internet and reassembled at the destination. What this means in practice is that encryption doesn’t operate on “your message” as a single object. It operates on pieces, each wrapped separately.
Signal, WhatsApp (which uses the Signal Protocol), and iMessage all handle this at the application layer, encrypting before the OS hands anything to the network stack. But the segmentation still happens. Anyone monitoring the network can see packet sizes, timing, and frequency even when they can’t read content. That metadata, how often you message someone, at what hours, in what volume, is genuinely useful intelligence even without the plaintext.
2. Encryption Happens on Your Device, Not Somewhere in the Middle
End-to-end encryption means exactly what it says: the message is encrypted on your device using the recipient’s public key, and only their private key (held on their device) can decrypt it. The company running the service never holds a key that works. This is what separates Signal from, say, a standard enterprise email system where the mail server can read everything.
The math behind this is well-established. Signal uses the Double Ratchet Algorithm, which generates a new encryption key for every single message. Even if an attacker somehow obtained a key for one message, past and future messages stay protected. This property is called forward secrecy, and it’s one of the stronger guarantees in modern secure messaging.
3. Your App Contacts a Server to Fetch the Recipient’s Public Key
Here’s the step most people skip over. Before encrypting, your app needs the recipient’s public key. Where does it get that? From a server run by the messaging company. This is a necessary architectural choice, but it introduces a question that has no fully satisfying answer: how do you know the public key you fetched actually belongs to your contact, and not to someone who compromised the server?
Signal publishes what’s called a key transparency log, allowing users to verify that the key they received for a contact is the same key everyone else sees. WhatsApp has a similar feature, but it’s opt-in and buried in settings. Most users never touch it. The gap between what the cryptography guarantees and what users actually verify is significant, and as the attacker often doesn’t need to break the encryption to get what they want, the key distribution step is a more practical target than the cipher itself.
4. The Encrypted Message Travels Through Infrastructure You Don’t Own
Once encrypted, your message moves through your carrier’s network, possibly multiple backbone providers, and into the messaging company’s servers before reaching your contact’s device. At no point can any of those intermediaries read the content (assuming the encryption is sound). But they can observe and log the metadata: sender, recipient, timestamp, message size, IP addresses on both ends.
This isn’t a theoretical concern. The NSA’s PRISM program, disclosed in 2013, showed that signals intelligence agencies routinely collect metadata at scale. Metadata analysis is mature enough that researchers have demonstrated it can reconstruct sensitive facts about people’s lives, medical conditions, legal situations, relationship status, with no access to message content at all.
5. Delivery Receipts Punch a Small Hole in Your Anonymity
When your contact receives the message, their app sends a delivery receipt back to the server, which relays it to you. This is a convenience feature, but it has a side effect: it confirms that a specific device, at a specific IP address, at a specific time, received a specific message. For most people, that’s irrelevant. For a journalist communicating with a source in a high-risk environment, it’s a real exposure.
Some apps let you disable read receipts. Fewer let you disable delivery receipts. This is a design choice, not a cryptographic limitation.
6. Decryption Happens on the Recipient’s Device, in an App You Don’t Control
The message arrives encrypted and gets decrypted locally using the recipient’s private key. What happens after that point has nothing to do with encryption. The decrypted plaintext now lives in the app, and it may be backed up to iCloud, synced to another device, stored in a local database with weak protection, or simply left on a screen where someone else can read it.
Apple’s iCloud backups, until the company expanded end-to-end encryption for backups in late 2022, stored message backups in a form Apple could access. That was a known limitation for years. The encryption on transit was sound; the storage at rest was not. The chain of custody for a message doesn’t end at decryption. It extends through every backup, screenshot, and forwarded copy.
7. The Weakest Point Is Usually the Endpoint, Not the Protocol
The Signal Protocol has no known practical vulnerabilities. The devices running it often do. NSO Group’s Pegasus spyware, documented extensively by Citizen Lab and Amnesty International’s Security Lab, demonstrated that attackers could achieve full access to a target’s phone through zero-click exploits, meaning the target didn’t need to tap anything. Once the device is compromised, encrypted messages are read in plaintext as the user sees them.
This is not an argument against encryption. It’s an argument for understanding where encryption’s protection ends. The protocol does its job. The question is whether the environment around it, the OS, the hardware, the app’s own code, does its job too.
8. The Company’s Business Model Shapes What It Actually Protects
Signal is a nonprofit funded by donations and grants, with no advertising revenue. Its incentives are structurally aligned with protecting user privacy. WhatsApp, owned by Meta, collects metadata that feeds advertising systems, even though message content is end-to-end encrypted. Telegram, frequently described as an encrypted messenger, uses end-to-end encryption only in “Secret Chats,” not in regular chats, which are stored on Telegram’s servers.
These distinctions matter more than most marketing language suggests. “We use encryption” covers a wide range of actual protections. What a company collects, retains, and can be compelled to hand over under a court order depends on what it stores. And what it stores depends less on the technology than on the business model behind it.
