Googles Ease-of-Use Email Encryption Project Goes Open Source

  /     /     /  
Publicated : 22/11/2024   Category : security


Googles Ease-of-Use Email Encryption Project Goes Open Source


E2Email, together with open source Key Transparency project, are meant to take on the challenges that have dogged end-to-end email encryption adoption for decades.



Engineers at Google for several  years have been doing battle against the perception that end-to-end email encryption necessarily must be complex and hard to use. Theyve been cooking up a project called E2EMail thats designed to offer a simpler alternative to PGP for Gmail through a Chrome Extension, and now theyre taking the project to the open-source community.
Googles internal security team at the firm released the extension over a year ago, and hope that going open source will advance the project and easy-to-use email encryption.
E2EMail is built on a proven, open source Javascript crypto library developed at Google, wrote KB Sriram, Eduardo Vela Nava, and Stephan Somogyi of Googles security and privacy engineering team in an
announcement
on Friday. It’s now a fully community-driven open source project, to which passionate security engineers from across the industry have already contributed. 
According to the engineers, Google initiated the project because PGP in command-line form clumsily interoperates with Gmail and is too hard to use.
E2Email integrates OpenPGP in a simpler-to-use extension that keeps cleartext of the message exclusively on the client. This announcement follows close on the heels of another made last month about another open source initiative called Key Transparency, which Google believes fits hand-in-glove with E2Email.
The Google security team kicked off the Key Transparency project to tackle the challenges of discovery and distribution in OpenPGP implementations. The goal is to create an open-source and transparent directory of public keys with an ecosystem of mutually auditing directories.
We’ve spent a lot of time working through the intricacies of making encrypted apps easy to use and in the process, realized that a generic, secure way to discover a recipients public keys for addressing messages correctly is important, wrote Ryan Hurst and Gary Belven of Googles security and privacy team
last month
. Not only would such a thing be beneficial across many applications, but nothing like this exists as a generic technology.
They explain that the manual verification required by the PGP web-of-trust model has proven over the last 20 years to be too difficult to gain widespread use. They believe that the relationships between online personas and public keys need to be automatically verifiable and publicly auditable, and thats what the Key Transparency project intends to strive for.
When it comes to email encryption, the Google security team believes that Key Transparency is crucial to E2Emails evolution and thats where it hopes to lead the open source efforts in the near future. Googles encouraging community participation by directing interested contributors to the E2Email repository on GitHub.
Related Content:
FBI Official Explains What To Do In A Ransomware Attack
Email Encryption On The Rise But Still Not Universal
More Than 40% Of Attacks Abuse SSL Encryption
Encryption 101: Covering the Bases

Last News

▸ Nigerian scammers now turning into mediocre malware pushers. ◂
Discovered: 23/12/2024
Category: security

▸ Beware EMV may not fully protect against skilled thieves. ◂
Discovered: 23/12/2024
Category: security

▸ Hack Your Hotel Room ◂
Discovered: 23/12/2024
Category: security


Cyber Security Categories
Google Dorks Database
Exploits Vulnerability
Exploit Shellcodes

CVE List
Tools/Apps
News/Aarticles

Phishing Database
Deepfake Detection
Trends/Statistics & Live Infos



Tags:
Googles Ease-of-Use Email Encryption Project Goes Open Source