Google looks to make OpenPGP easier for Gmail users


Recently, Google made a bit of a fuss about the fact that half of the emails it received in early June 2014 were still being sent in plain text by other email providers.

What wasn’t clear from the headline is that it meant those email providers were not even taking advantage of basic protections like TLS to transmit messages between mail servers. TLS is the same encryption used when you make an HTTPS connection to a website (some still call it SSL); between mail servers it is applied opportunistically, only when both sides support it.

For messages to be truly protected, they must be encrypted by the sender, using the recipient’s public key, before they ever reach the email provider. Only then are the contents unreadable to network sniffers, to the email provider itself, and to secret government agents with (or without) court orders.

Most of us who need to encrypt mail this way have favoured something compatible with OpenPGP. There are many plugins and applications that support OpenPGP, but all of them still expect the user to have a reasonably high level of technical acumen to make them work.

Enter Google End-to-End, an open source plugin for Chrome-compatible web browsers that implements OpenPGP in the browser so it can be more easily used by webmail applications like Gmail (shocking!).

It isn’t available as a plugin to the public yet, so you have to check out the source code and compile it yourself (including working out typos in the instructions and using an old version of Python).

Once it’s installed you are greeted with a rather spartan welcome screen.


There are two primary things you can do here: generate a new public/private OpenPGP keypair, or import an existing keyring.

This is where the alpha nature of the code starts to show itself. The key generation component only generates elliptic curve (EC) keys, whereas most people using PGP/GnuPG use RSA keys.

In fact, support for EC keys is only available in the beta of GnuPG 2.1 (GnuPG being the most commonly used OpenPGP-compatible encryption tool) or in the latest version of commercial PGP.

The good news is that you can still generate an RSA key for your Gmail address using your favourite tool and import it into the Chrome extension without issue.

Once you have either created or imported a key, things are largely unchanged except for a new icon in your Chrome toolbar.

There are two ways to use OpenPGP: to sign messages or to encrypt them. Signing a message is a way to prove that you wrote it and that it has not been altered in transit, although anyone can read it.

Signing messages is particularly useful on mailing lists and for important email notifications like security bulletins. Anyone can verify you sent it, but you don’t need to have the recipients’ encryption keys to send out the message.

If you want to encrypt messages, things get trickier. You need to have exchanged public keys with the person you wish to communicate with, so that you can encrypt the message in a way only their private key can decrypt.
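As an added example (not code from the article or from the End-to-End project), the script below walks through the key-generation and sign-versus-encrypt steps described above with GnuPG on the command line: it creates an RSA keypair in a throwaway keyring, checks that the primary key really is RSA (the EC compatibility caveat above), exports the armored public key in the form an import box expects, clearsigns and verifies a message, and finally encrypts a message to a recipient’s public key and decrypts it with the matching private key. It assumes GnuPG 2.1 or newer is on PATH; the two user IDs, the names and the message texts are made up for the demonstration.

```shell
#!/bin/sh
# Added example, not code from the article or the End-to-End project.
# Assumes GnuPG 2.1 or newer on PATH. Everything happens in a throwaway
# GNUPGHOME so your real keyring is never touched. The user IDs are made up.
set -e

ALICE="alice@example.invalid"   # the "Gmail / End-to-End" side (constructed)
BOB="bob@example.invalid"       # the "Thunderbird / Enigmail" side (constructed)

# Non-interactive gpg: batch mode, no terminal, loopback pinentry. The test
# keys are generated without a passphrase, so nothing ever prompts.
g() { gpg --batch --quiet --no-tty --pinentry-mode loopback --passphrase '' "$@"; }

# Create an RSA primary (sign/certify) key plus an RSA encryption subkey from a
# batch parameter file. Spelling out RSA avoids whatever this gpg's default is.
gen_rsa_key() {   # $1 = real name, $2 = email
    g --gen-key <<EOF
Key-Type: RSA
Key-Length: 2048
Subkey-Type: RSA
Subkey-Length: 2048
Name-Real: $1
Name-Email: $2
Expire-Date: 0
%no-protection
%commit
EOF
}

# Public-key algorithm id of the primary key, from the machine-readable
# listing: 1 = RSA, 17 = DSA, 19 = ECDSA, 22 = EdDSA. An EC key would not
# show 1 here, which is the check to run before importing a key elsewhere.
key_algo() { g --list-keys --with-colons "$1" | awk -F: '$1 == "pub" { print $4; exit }'; }

# ASCII-armored public key: the text you hand to someone (or paste into an
# extension's import box) so they can verify your signatures or encrypt to you.
export_pubkey() { g --armor --export "$1"; }

# Clearsign a message as $1 and verify it. The text stays readable by anyone;
# the signature only proves who wrote it and that it was not altered.
sign_and_verify() {
    signed="$GNUPGHOME/bulletin.asc"
    printf 'Security bulletin: please patch today.\n' | g --clearsign --local-user "$1" > "$signed"
    if g --verify "$signed" 2>/dev/null; then echo VERIFIED; else echo FAILED; fi
}

# Sign as $1 and encrypt to $2's public key, then decrypt with $2's private key.
# Only the holder of that private key can recover the text. Prints the plaintext.
encrypt_and_decrypt() {
    printf 'meet at noon\n' \
      | g --armor --sign --encrypt --local-user "$1" --recipient "$2" --trust-model always \
      | g --decrypt 2>/dev/null
}

# Run the whole round trip in a fresh keyring and print one KEY=value line per step.
openpgp_demo() {
    if ! command -v gpg >/dev/null 2>&1; then echo "SKIP gpg not installed"; return 0; fi
    GNUPGHOME="$(mktemp -d)"; export GNUPGHOME; chmod 700 "$GNUPGHOME"
    printf 'allow-loopback-pinentry\n' > "$GNUPGHOME/gpg-agent.conf"
    gen_rsa_key "Alice Example" "$ALICE" >/dev/null 2>&1
    gen_rsa_key "Bob Example" "$BOB" >/dev/null 2>&1
    echo "ALICE_ALGO=$(key_algo "$ALICE")"
    echo "PUBKEY_HEADER=$(export_pubkey "$ALICE" | head -n 1)"
    echo "SIGNATURE=$(sign_and_verify "$ALICE")"
    echo "PLAINTEXT=$(encrypt_and_decrypt "$BOB" "$ALICE")"
    gpgconf --kill gpg-agent >/dev/null 2>&1 || true
    rm -rf "$GNUPGHOME"
}

DEMO_OUTPUT="$(openpgp_demo)"
printf '%s\n' "$DEMO_OUTPUT"
```

Run it with `sh openpgp-roundtrip.sh`; it prints `ALICE_ALGO=1`, the armored public key header, `SIGNATURE=VERIFIED` and the recovered plaintext. Two settings are only appropriate for a disposable test keyring: `%no-protection` leaves the private keys without a passphrase, and `--trust-model always` skips the web-of-trust check on the recipient’s key that you would normally want before encrypting to a key received from someone else.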

For test purposes, I figured I would sign a message from my Gmail to my personal mailbox to get a feel for things.

The steps to sign a message are not intuitive. Click the yellow icon, which drops down a dialog where you can type in recipients and a message body.


Then click “Protect this message” and it signs the message and asks if you wish to paste the body into the message composition window in Gmail.

I sent the message to my personal mail server and tried to validate it using Thunderbird on Arch Linux with the Enigmail GnuPG plugin, but of course it failed.

I was not running the beta version of GnuPG that supports EC keys, so I had to compile and update it to the current beta release (2.1). Now I was able to import the End-to-End public key from Gmail and verify the message was intact and signed by the other me.


Now that I have exchanged keys, I do one final test and encrypt a message from my Thunderbird client on Linux to my Gmail account to ensure it is not somehow being interpreted by Google or anyone else along the way.

The message in Gmail is in fact scrambled. So I highlight it with my mouse and click on the End-to-End icon.


Once you click on Read, it attempts to decrypt, succeeds, and displays a message to that end. At no time did Google or anyone else have a gander at your secret message. Quite a change from the status quo with Gmail reading your mail to display the “correct” ads.


Considering that Google’s intended audience is a person who knows how to compile their own Chromium plugin and understands OpenPGP, I think this is a pretty interesting first revision.

There is a ton of work to do to even imagine unleashing this on the general user population, but every journey begins with a first step.

Anything that enables more people to use encryption in a more effective way and makes it easier to do so in more places is a good thing in my book.