The Complete Magazine on Open Source

Google open sources end-to-end encrypted email service project

4.14K 0

Google end-to-end encryption through E2EMail service

Google has decided to open source its experimental end-to-end encryption email system. Called E2EMail, the internal project by search giant promises to deliver a secured email communication solution.

E2EMail offers advanced security measures to prevent snooping. The email service is designed for end-users as well as enterprise customers and provides optimum security and privacy.

A large number of communication services have implemented encryption after Edward Snowden’s disclosure about NSA’s spying activities. However, not every email service out there offers end-to-end encryption. This is the reason Google wants to magnify the reach of end-to-end encryption to a wider audience through its E2EMail.

OpenPGP and Key Transparency to enhance security

Based on JavaScript crypto library, E2EMail integrates OpenPGP into Gmail using a Chrome extension and keeps all cleartext of the message body exclusive to the email client. The initial model uses a bare-bones central keyserver for testing. But Google is also planning to deploy its Key Transparency to improve the security of the service further.

“Key Transparency delivers a solid, scalable and thus practical solution, replacing the problematic web-of-trust model traditionally used with PGP,” Google’s security and privacy engineering team comprises of KB Sriram, Eduardo Vela Nava and Stephan Somogyi defines in a blog post.

The E2EMail code is available for access through a GitHub repository. The open source release comes with Apache License version 2.0.