June 3, 2014

Making end-to-end encryption easier to use

posted by Stephan Somogyi, Product Manager, Security and Privacy

Your security online has always been a top priority for us, and we’re constantly working to make sure your data is safe. For example, Gmail supported HTTPS when it first launched and now always uses an encrypted connection when you check or send email in your browser. We warn people in Gmail and Chrome when we have reason to believe they’re being targeted by bad actors. We also alert you to malware and phishing when we find it.

Today, we’re adding to that list the alpha version of a new tool. It’s called End-to-End and it’s a Chrome extension intended for users who need additional security beyond what we already provide.

“End-to-end” encryption means data leaving your browser will be encrypted until the message’s intended recipient decrypts it, and that similarly encrypted messages sent to you will remain that way until you decrypt them in your browser.


While end-to-end encryption tools like PGP and GnuPG have been around for a long time, they require a great deal of technical know-how and manual effort to use. To help make this kind of encryption a bit easier, we’re releasing code for a new Chrome extension that uses OpenPGP, an open standard supported by many existing encryption tools.

However, you won’t find the End-to-End extension in the Chrome Web Store quite yet; we’re just sharing the code today so that the community can test and evaluate it, helping us make sure that it’s as secure as it needs to be before people start relying on it. (And we mean it: our Vulnerability Reward Program offers financial awards for finding security bugs in Google code, including End-to-End.)

Once we feel that the extension is ready for primetime, we’ll make it available in the Chrome Web Store, and anyone will be able to use it to send and receive end-to-end encrypted emails through their existing web-based email provider.

We recognize that this sort of encryption will probably only be used for very sensitive messages or by those who need added protection. But we hope that the End-to-End extension will make it quicker and easier for people to get that extra layer of security should they need it.

You can find more technical details describing how we've architected and implemented End-to-End here.

46 comments:

  1. This is great looking forward in seeing the new end-to-end changes.

    ReplyDelete
  2. Sounds good. Will Google permit/encourage/develop solutions for other browsers, too, such as Firefox?

    ReplyDelete
  3. Well done, folks. More of this.

    ReplyDelete
  4. Hi, I would like to help people to install the project.

    To install, you need to get the contents from https://code.google.com/p/end-to-end/wiki/BuildInstructions?tm=6 and use the following instructions (after resolving the dependencies (like git, svc, wget, java and etc) in case you don't have them installed before hand):

    vim install.sh
    chmod a+x install.sh
    ./install.sh

    cd e2e_dev/
    vim compile.sh
    chmod a+x compile.sh
    shopt -s expand_aliases
    ./compile.sh

    Then just install the unpacked extension using the path e2e_dev/end-to-end/javascript/crypto/e2e/extension/
    (More details about it in
    https://developer.chrome.com/extensions/getstarted )

    Congratulations for the amazing project https://code.google.com/p/end-to-end/

    Kindest regards,
    Luan

    ReplyDelete
  5. This is absolutely fantastic and I am surprised such a thing has not yet been implemented! Any plans for similar mobile support on Chrome Browser for Android or as a separate app?

    Cannot wait for it to hit the Chrome Store so I can get my friends to use it!

    ReplyDelete
  6. Been waiting for a very long time for this.

    ReplyDelete
  7. Bravo! It's long past due when OpenPGP should have gone mainstream. Thank you Google, and thanks to everyone who is working on this project. Private communications are a necessity in a Democracy.

    ReplyDelete
  8. Do you plan on recoding End-to-end to use Web Crypto once it is generally available and supports the algorithms you require? That will likely increase security and definitely increase performance.

    ReplyDelete
  9. Google + USA + Three-Letter-Organisations = Encrypted E-mails?
    Somehow, this equation does not add up.

    ReplyDelete
  10. Wait, you guys are implementing RFC 6637? Aren't P-256 and P-384 known to be weak?

    http://safecurves.cr.yp.to/

    ReplyDelete
  11. thanks for that email security
    awesome!

    ReplyDelete
  12. It seems a tad ironic, or perhaps hypocritical is the right adjective, that a company which is complicit in NSA surveillance of our data is at the same time claiming to be such a great advocate of privacy and encryption. Every email that passes to or from a Gmail account is scanned for keywords, and added to a database. One purpose of that is for targeted advertising to the Gmail account holder. What else that data is used for, or who is granted access to it (such as the NSA?) we may never know.

    How about Google take a firm stand on not complying with NSA and other Government surveillance programs?

    ReplyDelete
  13. Great effort again, thank you Google.
    Would be awesome if PGP is incorporated in SPDY !

    ReplyDelete
  14. So how do we test this on Chrome for Windows? You must be aware it's impossible to install anything from outside the store.

    ReplyDelete
  15. Will this extension be available exclusively for Chrome, or will you make it available for other browsers as well?

    ReplyDelete
  16. Will End-To-End also be added to the Android Gmail app eventually? The Chrome extension us great but a lot of email is sent through mobile these days.

    ReplyDelete
  17. This is cool, a long missed feature. I am looking forward to check it out. For now - thanks a lot guys!

    ReplyDelete
  18. How about collecting email addresses so that you can email those people when end to end is ready for prime time (at the Google store)?

    ReplyDelete
  19. Please implement a more easy way to exchange and find public keys. That's only point keeping end-users from using encryption. You are Google ... You can do it. E.g. Automatically search all known key-servers, and web pages for the recipients public key. You are Google ... You can do it.

    ReplyDelete
  20. Does this plugin also encrypt email headers, containing information such as Subject:, Date:, and Received:, or is only the body of the message encrypted?

    Does the plugin prevent Google from scanning the body of the email (for the purposes of targeted advertising)?

    ReplyDelete
  21. But by choosing Elliptic Curve as your default cipher for keys generated by your extension, you will be incompatible with 99% of the PGP implementations already in existence.

    A GnuPG user with the current stable GnuPG release will not be able to encrypt a message to public key that is using EC since it is not supported by their software.

    Nice that you have allowed for people to import their own existing keys, but do you anticipate some issues from using a non-standard PGP extension when trying to exchange messages from a pure 4880 implementation?

    ReplyDelete
  22. That's a great news! Thank you!

    ReplyDelete
  23. What tools will you be providing to assist in the management and distribution of public keys?

    ReplyDelete
  24. Au contraire,

    "We recognize that this sort of encryption will probably only be used for very sensitive messages or by those who need added protection."

    Personally,

    given the events of the past years, I consider the need for secure, private, communication a necessary prerequisite for human growth and exploration.

    ReplyDelete
  25. I wish some large email provider, such as GMail or Yahoo Mail, would start using end-to-end (client-to-client) encryption routinely, and transparently. When you click the Send button, software (maybe an open-source browser plug-in) looks to see if your recipient has a preferred encryption method and public key registered anywhere (or if one is cached locally, via prior key-exchange). If recipient does, the message gets encrypted (by open-source browser plug-in) via that method before sending. If recipient is not registered anywhere, message goes unencrypted, as usual. Simple ! And now the email provider itself can't read or decrypt the messages, and can't decrypt them for the government.

    The company that does this first could seize the mantle of "privacy champion".

    They still could do targeted advertising based on keywords: the plug-in that does the encryption first extracts a few keywords, and then passes them on along with the encrypted message.

    Searching your messages on the server would be affected; the server wouldn't be able to read the text of the messages. I suppose you could do a search by sending all of the encrypted messages to the client (browser), and decrypting them and doing the search there, but that would be horribly inefficient.

    The reason I want an existing large provider to do this, as opposed to new secure-email startups, is that the change by an existing large provider would immediately make encryption easily available to hundreds of millions of existing users. No need for users to change providers, with new UI and new email addresses and having to transfer their contact lists. Most users will NOT move to new secure-email services; we need to get encryption into existing services.

    ReplyDelete
  26. What was the reason to not use s/mine? PGP is fine when it comes to desktops, but s/mime is supported even on most mobile phones and integrated into tons of mail clients.

    ReplyDelete
  27. Why are there no comments here yet? Were all comments obfuscated via end-to-end encryption?

    ReplyDelete
  28. Are there any plans to offer this so it's available for Firefox users? Thanks.

    ReplyDelete
  29. Put it in the Chrome Web Store!!!! Hurry!

    Also... does this put an end to MITM?

    ReplyDelete
  30. Does using this mean email will be stored encrypted on google servers and not even google can access it?

    The only way to stop government-level bad actors like the NSA is implementing the above.

    ReplyDelete
  31. Hi,
    Will it be possible to use the Js crypto library as a separate tool for securing web apps ?

    Thanks !

    ReplyDelete
  32. The blog post says, "We recognize that this sort of encryption will probably only be used for very sensitive messages..."

    Please, encrypt everything and encourage everyone to do so. Law enforcement, and in a very few cases, judges, have used the presence of encryption as an indication of wrongdoing. If nearly everyone encrypted nearly everything, that could not happen.

    ReplyDelete
  33. Will you allow it to work with gpg implementations that already exist, I haven't looked at it but does it give the user a public key that I can then take and store in my thunderbird install and when I emaail them the plugin can do the unencryption with their private key?

    ReplyDelete
  34. Dear Stephan Somogyi,

    thank you for releasing this extremely useful extension!

    Do you plan to implement smart card support in the future? If yes, will you support the Microsoft Crypto API?

    Best regards,
    Joachim

    ReplyDelete
  35. After the last Chrome update, the browser has been locking up my Samsung Galaxy Tab 3

    TWICE in a few days!

    Once I was able to reboot back to factory settings.

    The next time I was able to uninstall the Chrome browser and use the supplied alternate.

    This is not a new problem, during my research on Android support, problems go back to 2012.

    Don't you think it would be better to fix the Chrome problems, BEFORE adding things to the browser that could complicate fixing the problem in the first place?

    ReplyDelete
  36. Google security is not that much compared to Facebook , Microsoft and other service providers...

    For example you can log out somebody indefinitely from using Google services by just exploiting CSRF vulnerability ...

    Put this link in a loop in your website form load event and the other person will not be able to use Google services...a DOS attack ...pretty simple flaw ....

    https://mail.google.com/mail/u/0/?ui=2&ik=310bc0d947&view=om&th=146a8759aa7f7af8

    ReplyDelete
  37. iPGMail (https://ipgmail.com) now supports PGP/ECC keys also which will be helpful for people who want to exchange PGP msgs with your users. Also it might be helpful for interoperability testing purposes.

    ReplyDelete
  38. Hi,
    any news to the release of this extensions??

    ReplyDelete
  39. "We recognize that this sort of encryption will probably only be used for very sensitive messages or by those who need added protection."

    Most likely millions of people will utilize the encryption regardless of message sensitivity inasmuch as the fascist State illegally farms emails which everyone sends and receives, and even mundane messaging requires encryption to reduce gross civil rights violations committed by fascist regimes.

    The worse bad actors are the Christofascist corporate Oligarchy running the United States, and if you trust them with your unencrypted emails given the ease of encryption, you have nobody to blame but yourself when the thugs kick in your doors.

    ReplyDelete
  40. We recognize that this sort of encryption will probably only be used for very sensitive messages or by those who need added protection

    I certainly hope not. The whole point, in my estimation (or one of them, at any rate), of the Snowden revelations was just how badly the entire web is in need of encryption, to prevent everything from garden-variety cyber-theft to surveillance by governments. If encryption is seen by most people as something one does only when one needs to send sensitive messages, it will be very easy - too easy - for said bad actors, governments, etc to know which messages to spend more time trying to crack.

    Additionally, people who more-habitually use encryption as a matter of course in such a world would be de facto penalized because their ordinary activities would by definition bring them under extra scrutiny. The only way to prevent this is for people to up their game - for most people to begin thinking of encryption as a habit that needs to be acquired and practiced, just as a hundred years ago, people from the country would learn the habit of locking their front door every time they went out, if they moved to the city.

    ReplyDelete
  41. It's unfortunate that Google has decided to go with PGP rather than S/MIME, since S/MIME has many profound usability advantages (such as automatically distributing public keys with each message). An S/MIME extension could have made the keys in the browser and then automatically sent the CSR to google and downloaded the corresponding S/MIME certificate.

    ReplyDelete
  42. There is some solution that handles public key exchange automatically. I personally use Pandor and I heighly recommend for others.It is a quite user friendly extension that works with most popular mail services such as Gmail, Outlook or Yahoo and it uses PGP for mails encryption. It is available in Chrome Web store in this link and as a firefox add-Ons in this one.

    ReplyDelete

You are welcome to contribute comments, but they should be relevant to the conversation. We reserve the right to remove off-topic remarks in the interest of keeping the conversation focused and engaging. Shameless self-promotion is well, shameless, and will get canned.

Note: Only a member of this blog may post a comment.