Once the parties have their shared secret, they can use it as the basis for an symmetric encryption scheme. Popular implementations typically incorporate additional techniques for more robust security, but all of this is abstracted away from the user. Once you connect with a friend on an E2EE application, encryption and decryption can only occur on your devices (barring any major software vulnerabilities).
It doesn't matter whether you're a hacker, the service provider, or even law enforcement. If the service is truly end-to-end encrypted, any message you intercept will look like garbled nonsense.
The pros and cons of end-to-end encryption
Cons of end-to-end encryption
There's really only one downside to end-to-end encryption – and whether it's even a downside depends entirely on your perspective. To some, the very value proposition of E2EE is problematic, precisely because no one can access your messages without the corresponding key.
Opponents argue that criminals can use E2EE, safe in the knowledge that governments and tech companies can't decrypt their communications. They believe that law-abiding individuals should not need to keep their messages and phone calls secret. This is a sentiment echoed by many politicians who support legislation that would backdoor systems to allow them access to communications. Of course, this would defeat the purpose of end-to-end encryption.
It's worth noting that applications that use E2EE are not 100% secure. Messages are obfuscated when relayed from one device to another, but they're visible on the endpoints – i.e., the laptops or smartphones at each end. This is not a drawback of end-to-end encryption, per se, but it’s worth keeping in mind.
The message is visible in plaintext before and after decryption.