Google has announced that their E2EMail, an end-to-end encryption system, is now given to the open-source community with just no strings attached.
Whether you are concerned about man-in-the-middle (MiTM) attacks by threat actors or government surveillance and spying or you are an enterprise with a high need to keep the communications as secure as possible, end-to-end encryption is the best-known method to prevent snooping.
Not all email service providers offer the end-to-end encryption. The best-known being PGP although, in wake of former NSA contractor the Edward Snowden’s disclosures concerning mass-spying efforts of US government, more services have popped up and increased in popularity, including the ProtonMail, WhatsApp, Wire, and Signal.
Since we became concerned with digital threats and the surveillance, everything from the email services to the apps and the social network chats are being locked up with the cryptographic methods.
But, end-to-end encryption is still not available to a wider audience and this is where the Google intends to make a difference.
Last week, some Google engineers Eduardo Vela Nava, KB Sriram, and Stephan Somogyi told in a blog post that as part of the company’s End-to-End research efforts, E2EMail will be open-sourced.
It is built on the Javascript crypto library developed at Google, E2EMail offers a better way to integrate OpenPGP into Gmail using a Chrome Extension while keeping all the cleartext of messages exclusively on client.
Google is keen to emphasise that the E2EMail is not a Google product, but thanks to their efforts on security from across the spectrum, it has now become a “fully community-driven open-source project.”
The current form of E2EMail is rather bare when it comes to keyserver testing. However, Google’s Key Transparency, made available earlier this year, may improve the security of the service far beyond its current incarnation.
