> ## Documentation Index
> Fetch the complete documentation index at: https://support.locker.io/llms.txt
> Use this file to discover all available pages before exploring further.

# End-to-End Encryption

> Introduction to End-to-End Encryption and how Locker applies it to protect user data

## End-to-End Encryption

An End-to-End Encrypted system is a communication system in which all data flowing through it can only be read and modified by the participants of the conversation. Its operating principle prevents third parties (telecommunications providers, network providers, government agencies, and even the service provider) from accessing and possessing the encryption keys used to encrypt and decrypt the conversation.

In an End-to-End Encrypted system, messages are encrypted on the sender's device and can only be decrypted by the intended recipient's device.

At Locker, users' passwords and personal information are secured using [AES-256-CBC encryption](/en/locker-whitepaper/security-fundamentals/aes-256-cbc-encryption), [hash functions](/en/locker-whitepaper/security-fundamentals/hash-function), and [PBKDF2 key derivation](/en/locker-whitepaper/security-fundamentals/password-based-key-derivation-function-2). All encryption keys are generated and managed by the local application on the user's device. Similarly, all encryption and decryption processes are performed locally; Locker's servers only handle the transfer and backup of encrypted data when information access is requested.