Improving Non-Experts’ Understanding of End-to-End Encryption: An Exploratory Study

End-to-end encryption (E2EE) can effectively protect the privacy of online communication and has been adopted by several popular messaging apps. However, prior research indicates that many users have difficulty using E2EE tools correctly and confidently, as well as recognizing their security benefits, in part because of incorrect mental models. This paper takes a first step toward providing high-level, roughly correct information about end-to-end encryption to non-experts. In a lab study, participants (n=25) were asked about their understanding of E2EE before and after a tutorial we created, as well as which information they found most useful and surprising. Overall, participants' understanding of the benefits and limitations of E2EE improved. They found information about confidentiality, risks and weaknesses most useful, surprising, and compelling to pass on to others. Some confusion about integrity and authenticity remained. The results provide insight into how to structure new educational materials for E2EE.