The VICE Channels

    Image: Justin Henry/Flickr

    The Dream Of Usable Email Encryption Is Still A Work In Progress

    Written by

    Lorenzo Franceschi-Bicchierai

    Staff Writer

    Tech-savvy people have had a way to send secure email since the mid 1990s, when legendary cryptographer Phil Zimmermann created the encryption software known as Pretty Good Privacy, or PGP.

    But despite more than 20 years of existence, PGP, as well as its free replacement GPG, has never been mainstream. That’s because it’s a relatively hard-to-use tool for the few who would bother to use the command line, clunky email clients’ extensions, and bootstrapped software.

    But in 2014, in the aftermath of the Edward Snowden revelations, Google and Yahoo, the two largest email providers in the world, promised to change that once and for all with a browser plugin that would make sending encrypted emails so seamless anyone could use it.

    Now, it’s been almost two years, and encryption is making headlines thanks to the public fight between the FBI and Apple over the iPhone of one of the San Bernardino shooters. The controversial case has prompted several tech companies not only to support Apple in court, but also promise even more encryption in their services.

    Yet, Google and Yahoo’s projects on secure end-to-end encrypted email have yet to see the light of day. That’s why some are starting to question how much Google and Yahoo really care about making this happen.

    In recent interviews with Motherboard, both companies publicly renewed their commitment.

    “Engineers from Google, Yahoo, and the open source community continue to work together on the End-To-End Mail extension project. It remains a work in progress," a Google spokesperson said.

    A Yahoo spokesperson said the team of new security chief Bob Lord “is still cranking on it,” and pointed to the fact that the company even mentioned the project in its amicus brief in support of Apple in the case of the San Bernardino shooter.

    Neither of the companies, however, dared to venture a prediction on when the final product would be released.


    Both Google and Yahoo are working on an implementation of the open source standard OpenPGP that works entirely within the browser. The two projects are a work in progress, so some details might change, but the idea is to create a browser extension that will deal with all the pains of using PGP, making it as easy as possible to use, and allowing users to send emails that nobody—including Google and Yahoo—can read, other than the sender and the recipient.

    With that goal in mind, the extension will allow users to create their private and public encryption keys within the browser. The private key will be stored locally inside the browser, while the public key will be uploaded to centralized servers maintained by Google and Yahoo. Then, when the user wants to send an email to somebody else who also has a PGP key, his or her browser will automatically download the other person’s public key and encrypt the email. The two companies are working on the two projects in parallel, but eventually, when and if they come out, they should be compatible.

    Yan Zhu, who used to be one of the lead developers of the end-to-end encryption project at Yahoo uploaded a video showing how it might look like when it’s ready a few months ago.

    The biggest challenge, according to Zhu, is the server that manages the keys. That’s because the way Google and Yahoo want to deal with users’ keys is fundamentally different than how PGP has traditionally done it. PGP relies on what’s known as the “web of trust,” a completely decentralized system where the public keys get uploaded to multiple servers. In the “web of trust” model, the idea is that other users vouch for the authenticity of someone’s public key by signing it with their own. And that’s what Google and Yahoo are trying to change.

    “At the scale of Google and Yahoo with hundreds of millions of users you can’t just make webs of trust that are that big,” Yan Zhu told me in a phone interview. “You can’t get that people to sign each others keys, it’s just too much work.”

    But if you’re making a system where users depend on the servers to distribute keys, then you need to make sure users can trust the server to deliver them the right keys. To solve this problem, both Google and Yahoo will try to be be as transparent as possible, allowing users to review a history of other people’s keys, and alerting them when the keys change.


    Experts agree that doing something like what Google and Yahoo are trying to do has enormous technical challenges, such as making it interoperable, fully secure, but also easy to use.

    “Setting up the key exchange is a mess, not just from a technical standpoint, but because you have to make it ‘easy’ for the users,” according to Stefano Zanero, an associate professor at Politecnico di Milano university, and a member of the review board of the Black Hat security conference.

    Moreover, some cryptography experts in the past have criticized the use of Javascript-based extensions to handle encryption in the browser. But that might be the best compromise, according to Seny Kamara, an associate professor of computer science at Brown University, because “doing things in the browser makes things more usable.”

    Other than the technical challenges, it’s also unclear how many people the two companies are dedicating to these projects, given that, as Kamara put it, “these project may not be critical to the companies.” And, as Zanero reminded, both Google and Yahoo might not be too happy if a lot of emails become impossible to scan, which the companies do both to target ads as to protect users against spam and malware.

    Google declined to say specifically how many engineers work on the project, but said it’s more than a single one. Yahoo also declined to provide a specific number.

    Both Zhu and Daniel Ziegler, an MIT student who interned at Yahoo last summer and worked on the keyserver, said that the engineers working on the project at Yahoo are very committed to it.

    “Everyone I know who’s an engineer who worked on-end-to-end both at Google and Yahoo were all really committed to it and pretty much everyone wanted to spend more of their time on it,” Zhu told me. “I don’t think any of the blame is on the engineers.”

    Both Google and Yahoo’s project managers for the email encryption project did not respond to a request for comment.

    Google and Yahoo are not the only ones trying to make more secure email easy.

    There’s Mailvelope, which offers a browser extension similar to the one Google and Yahoo want to do. Mailpile, which is a client designed to replace webmail. And webmail providers such as ProtonMail, or Tutanota, which do all the encryption for users within the browser in the background. All of these projects, however, haven’t really gone mainstream, perhaps because people are reluctant to leave the convenience of their big email providers, or because they like checking email in their browsers.

    “It seems like if you really want this to happen,” said Kamara, “It will have to come from one of the major companies.”

    And for now, all Google and Yahoo can promise is to keep working on it.