A group of Google engineers is hoping to make progress on a problem that has bedeviled email technology for decades: how to strongly and easily encrypt all of your messages.
It’s a community-driven effort — not a bona fide Google product — and it faces a big uphill climb, given that it relies on projects that are only in the prototype phase and requires users to access their operating system’s command line. So far the engineers have announced the open-sourcing of E2EMail, an end-to-end email encryption app that works entirely with Google’s Gmail via an API accessed entirely through an extension in the company’s Chrome browser.
The idea is to remove obstacles that have kept Pretty Good Privacy technology, or PGP, from being widely adopted despite nearly three decades of public release.
The project has been headed thus far by KB Sriram, Eduardo Vela Nava and Stephan Somogyi. The goal is to make email encryption as automatic and strong as possible, avoiding the need for copying and pasting PGP code or using extra, unfamiliar software. The project relies on Key Transparency, a Google advance that makes it easier to verify encryption keys, so you know exactly who you’re communicating with.
E2EMail automatically generates a PGP key, uploads it to a key server and automatically encrypts outgoing emails if the receipt’s key is found on a public key server.
Developers have been working on the project for three years as encryption use has expanded through secure mass-market apps like Signal and the adoption of strong encryption by popular apps like WhatsApp.
Even though email is an old technology, its continued popularity is driving demands for secure options. ProtonMail, an encrypted email provider built by a private firm based in Switzerland, has seen the user base explode over the last six months, underscoring the wide market and desire for easy-to-use and difficult-to-break email encryption.