Since publishing the secure email guide, I’ve had some interesting exchanges with Tutanota staff about encrypted email and their unique solution to the challenges involved. In order to further clarify Tutanota’s rationale for going PGP-free, Matthias Pfau, cofounder of Tutanota, wrote this article exclusively for Restore Privacy readers.
PGP – the most widely used email encryption software – is still only a niche product: Only a fraction of the billions of emails sent every day are secured with PGP encryption. While security experts around the world have done their best to add PGP support to all kinds of email applications for decades, it is time to realize that PGP is simply too complex for mainstream adoption.
3 Reasons Why PGP Must Die
1. PGP was invented almost 30 years ago by Phil Zimmermann. However, even Phil Zimmermann, the inventor of PGP, doesn’t use it. The reason: It is too complicated to install PGP plugins for all your email applications: desktop clients, web clients, mobile clients. While you might still be able to use PGP on desktops and in web clients, the mobile world remains inaccessible to most people. This was also what stopped Phil Zimmermann. Today he mainly uses email on his phone – where PGP encryption is really hard to get.
2. Cryptography experts like Bruce Schneier understand that the most secure system can only be used securely if the user is capable of using it without making any mistakes. Unfortunately, this is not the case with PGP. In many email clients it is very easy for the user to send confidential emails with encryption turned off, so send unimportant emails with encryption turned on, or to accidentally send an encrypted email with the wrong key. Security expert Bruce Schneier concludes:
I have long believed PGP to be more trouble than it is worth. It’s hard to use correctly, and easy to get wrong. More generally, e-mail is inherently difficult to secure because of all the different things we ask of it and use it for.
Filippo Valsorda gives a very good explanation for PGP’s usability weakness:
I haven’t done a formal study, but I’m almost positive that everyone that used PGP to contact me has, or would have done (if asked), one of the following:
- pulled the best-looking key from a keyserver, most likely not even over TLS
- used a different key if replied with “this is my new key”
- re-sent the e-mail unencrypted if provided an excuse like I’m traveling.”
3. OpenPGP projects (Gmail, Yahoo) were doomed and are now dead
A couple of years ago, Gmail tried to hop on the privacy-friendly bandwaggon – and Yahoo later joined in – by developing a Chrome plugin that was supposed to automatically encrypt emails between Gmail – and Yahoo – users with PGP. Soon after, Google stopped this end-to-end encryption project for Gmail.
PGP used to be great
PGP was a great invention, and it is still great for people who are capable of using it correctly. And while the technology of PGP has evolved, user-friendliness has not.
The biggest problem with PGP to this day is its complexity. “It’s a real pain,” says cryptography expert Matthew Green. “There’s key management – you have to use it in your existing email client, and then you have to download keys, and then there’s this whole third issue of making sure they’re the right keys.”
PGP is not fit for the future
On top of that, however, PGP has some inherent security weaknesses, which can not easily be fixed:
1. PGP does not support forward secrecy (PFS).
Without forward secrecy, a breach potentially opens up all your past communication (unless you change your keys regularly). It’s rumored that the NSA stockpiles encrypted messages in the hope of gaining access to the keys at a later date.
This risk is exactly why Valsorda is giving up on PGP: “A long-term key is as secure as the minimum common denominator of your security practices over its lifetime. It’s the weak link.”
Adding forward secrecy to asynchronous offline email is a huge challenge that is unlikely to happen because it would require breaking changes to the PGP protocol and to clients.
2. PGP does not encrypt the subject.
There is no possibility to add the option to encrypt or hide the metadata (sent from, sent to, date) with the PGP protocol.
3. PGP is not always compatible with PGP.
There are so many implementations of PGP that interoperability is not always a given. In addition, if you update your PGP key e.g. from RSA 2048 to RSA 4096, you need to decrypt your entire data with your old private key and re-encrypt it with your new private key.
4. PGP can only be used for email communication.
The encryption method can not be transferred to other systems like encrypted notes, chat, calendar.
EFfail and what comes next
In 2018 researchers from Munster University of Applied Sciences published the EFail vulnerabilities in the end-to-end encryption technologies OpenPGP and S/MIME that leak the plaintext of encrypted emails. The exploit uses a piece of HTML code to trick certain email clients, including Apple Mail, Outlook 2007 and Thunderbird, into revealing encrypted messages.
While the issue is not with the PGP protocol itself, but with the way it has been implemented, this still shows the inherent complexity of doing security right. While email – and PGP for that matter – are praised for being universally interoperable, EFail shows that this also poses a severe security threat. While one person in a conversation may be using a non-affected implementation of PGP, the other person might not.
Even though, vulnerabilities are found and patched – usually rather quickly – there is no knowing that your counterpart is using the updated, patched software or an old, outdated version.
All of this does not help in convincing people to start using end-to-end encryption for emails. What we need in the future is an easy-to-use version of end-to-end encryption, a solution that does not put the user at risk due to its complexity, but something that takes care of the security for the user – no matter where, when or with whom one is communicating.
The new approach must be as easy as it is already implemented in lots of messaging apps like Signal and even WhatsApp.
Future requirements for email encryption
To keep email encryption easy and secure for everybody, the model of the future can not depend on PGP for several reasons:
- Key management must me automated.
- It must be possible to automatically update encryption algorithms (e.g. to make the encryption resistant against quantum computers) without the need of involving the user.
- Backward compatibility must be stopped. Instead, all systems must update within a very short time-frame.
- Forward secrecy must be added to the protocol.
- Metadata must be encrypted or at least hidden.
This is what we at Tutanota have been working on these last couple of years: An easy-to-use email client that has baked encryption into the software and that lets users easily encrypt any email end-to-end.
When we started building Tutanota, we deliberately opted against using PGP. We chose a subset of the PGP’s algorithms – AES 128 and RSA 2048 – but with our own open sourced implementation. This allows us to encrypt subject lines, upgrade the algorithms, and add Forward secrecy. This gives us the great advantage that we can fix – and have in parts already – fixed the described weaknesses in PGP.
- Tutanota already encrypts subject lines. We plan to also hide the metadata in the future.
- Key management and key authentication is automated in Tutanota, which makes it very easy to use.
- Tutanota encrypts and decrypts the users’ private key with the help of the users’ password. This enables the user to access their encrypted mailbox and to send encrypted emails on any device. Whether people use their encrypted mailbox with the web client, with the open source apps or with the secure desktop clients, Tutanota makes sure that all data is always stored encrypted.
- Encryption algorithms can be updated in Tutanota. We plan to update the algorithms used to quantum secure ones in the near future.
- We plan to add Forward secrecy to Tutanota.
- The encryption algorithms used in Tutanota can be applied to all kinds of data. The Tutanota mailbox already encrypts all data stored there, including the entire address book. We plan to add an encrypted calendar, encrypted notes, encrypted drive – all secured with the same algorithms.
Easy email encryption is already available. Now we must spread the word so that everybody understands that it is no longer necessary to allow Google, Yahoo and others to harvest our data. We can simply use encrypted emails so that nobody can spy on our private data.
We’d be happy to hear your feedback on Tutanota and what you would like to see included in an encrypted email client.
Hello Matthias Pfau,
Whatever happened to the ‘UnaPhone Zenith’ that Tutanota back in 2016-04-29 was thrilled enough to partner with?
https://tutanota.com/blog/posts/una-phone-zenith-crowdfunding/
Is the phone now dead ? Or Tutanota still a partner ?
Congratulations for the article,
Two questions:
1)Why Snowden used Lavabit instead Tutanota?
2) In your experience and knowledge,protonmail is still affordable in 2019?
Thanks for sharing your knowledge.
Best wishes,Steve
Hi Steve,
I suspect your questions deal to much with one’s own preferences.
1. Why did you have chicken for lunch instead of beef.
2. Why comment on a competitors offering – when I offer you mine at far more savings.
–
Here’s some things of both mail services you may want before shopping:
Looking at aliases use with either one’s offer – both have different approaches.
– ProtonMail, yet requires the “+alias” after your username and before the (ex:”@protonmail.com” domain). Most anybody knows that a use of ‘example+myalias@protonmail.com’ is an Alias for the real email address and dropping the +myalias would likely deliver to it. THAT’s nothing private that you’d expect from aliases use but, more for organizing your inbox in combination with filters.
Because of this Protonmail can offer free users unlimited aliases.
You can only use an alias to receive emails, not to send, even if paid.
*With using your own domain in paid Protonmail tiers – it all amounts back of their free tier and similar method as found in Apple Mail, Outlook and Gmail. – – THINK about that a moment,
your = user_name+big-dog@myowndomain doesn’t really hide the real address here of it as user_name@myowndomain nor with free tier users of PM. There’s still more with deleting an alias to know either free or the paid users – both type accounts amounts to pain.
https://protonmail.com/support/knowledge-base/creating-aliases/
. . .
– Tutanota, approach is more what users want from aliases use.
(Email messages addressed to an email alias forwards on to another as the specified email address that the alias is linked too.)
Real esscents of hiding your actual mailing address…
Aliases are a Premium feature and require a paid tier to use. But you get a three-dot button to choose from 5 domains of your alias use.
This can be any of the Tutanota domains or of your own domain(s) that you have added to your Tutanota account.
– You can sent/reply in Tutanota with alias email address use, you can change the default sending address to your own domain alias (or any other alias) you have added – thus linked in your account.
Please Note: Aliases with a Tutanota domain can only be disabled, but not removed. Deactivated aliases must remain linked to your account in case you want to activate them again in the future.
*When you are using your own domain with Tutanota, you can delete aliases with your own domain and create new ones.
https://tutanota.com/howto#alias
https://tutanota.com/faq/#alias
. . .
So both ProtonMail and Tutanota in paid accounts tiers with the usage of your own domain offer’s a difference in aliases use in their own specific rights to these companies.
https://en.wikipedia.org/wiki/Email_alias
–
It might be interesting to contact Protonmail about who handles their credit card transactions / they wouldn’t tell me after already paying – cited it was for security reasons / BS… I closed account.
. . .
Tutanota’s far more forthcoming about it all.
Personal data > For the execution of credit card payments
https://tutanota.com/privacy/
These were some peeves I had with Protonmail over Tutanota.
You really don’t know many things till you get your feet wet : )
Hope this helps someone…
Hey “Hard Sell”. Just a suggestion from a non-Geek.
Your input is truly of value (at least in my books)… just tighten up on your verbosity.
Obviously, you are smart. And a Techno savvy person. But please try to condense and consolidate your thoughts so what everyone one this forum can benefit from it… not just the erudite Tech-Brothers/Sisters!
Just a comment to you without any bias and/or malice aforethought.
Cheers, George from Canada
P.S. Please keep the K.I.S.S. principal in mind for all our benefit, eh?! 😉 You are simply too wordy.
Hi George,
The K.I.S.S. switch is off with me and let me tell you why.
Trouble I have is I think to much after reading a lot and don’t understand enough that’s behind Tech’s veil.
Because to, I’m disabled and a shut-in and see this as an outlet to talk to people and try to help them.
In time, I may refine to be as you want of a pin point in answers.
.
If I knew more (as you suggest in Tech), that would be with a hands on application of real life experiences in it vast fields.
I only have my own experiences since 2009 of my first computer to convey what I know – not that much really.
Any comment/reply I leave, I try to cite the source and use copy and paste for it’s purpose, and in answering.
Which may seem to wordy for some – a format I find best. Unlike aberrated, incomplete thoughts of SMS.
At least it’s a complete existent’s – be it of the question and/or other related thoughts in an answer, and I hope doesn’t leave someone hung nor further bewildered thus the linked source.
.
My life has had hands on experiences in many other fields where logic and troubleshooting skills were needed.
I apply those lived traits in the field of Tech wherever valuable in/of/to my understanding it.
I like to help people take the first few steps to understand things as I’m able to with my logic.
I can’t learn or re-learn them but, try to get them to apply their already learnt logic to that area in question.
I don’t feel I speak for the common man but, speak well enough that the common man will understand me.
I’m most happy to engage with anyone in sharing ideals, points and general concerns on anything related to online and device privacy of today.
Even if I need to research the field for answers given. So lets drop this – it’s how I’m able to help others and find myself of value today being a disabled shut-in.
.
There is a benefit to the site in sharing what one can find out, on top of then known facts, or where quality questions that are asked – in that they may be answer with facts, even to the use of cited source links.
Thank you for taking the time to respond and hopefully you’ll find more time to help answer others around the site : )
Greetings George
Thanks for your comment [Hard Sell], but i want to clarify this ,i’m user of protonmail but in this century you know better than anybody that privacy in Internet it’s a privilege,i asked about protonmail and lavabit related the snowden case in 2013 , I don’t related the questions about my preferences ,just curiosity because i’m not a specialist in privacy.
Thanks for sharing your knowledge ,best wishes,
Steve
Hi Steve,
Ok that’s fair enough, as I thought you were weighting facts to make an informed decision on a purchase.
[Your original question was – 1)Why Snowden used Lavabit instead Tutanota?]
From Lavabit and Tutanota Wikipedia pages, Lavabit was up and running since 2004 and Tutanota since 2011. Maybe this influenced Mr. Snowden’s decision by a company’s history, then the encryption method used as well – who can really draw a conclusion of why. Who can say when Mr. Snowden went with Lavabit but himself and why.
https://en.wikipedia.org/wiki/Lavabit
https://en.wikipedia.org/wiki/Tutanota
–
As far as I can tell Lavabit and Tutanota are closed to outside investors – (ProtonMail has accepted money from Corporations – and/or Governments – who knows how governments funnel money out for a stake in business operations).
https://archive.vn/dEHX5
https://archive.is/1sFta
– Remaining independent to what they develop next and how in Tutanota’s case by giving us this – no one can influence our development or ask us to integrate an encryption backdoor.
https://tutanota.com/blog/posts/welcome-nils/
–
ProtonMail has been plagued with several DDoS attacks.
https://en.wikipedia.org/wiki/ProtonMail
I’m not quite sure Steve how you meant “privacy in Internet it’s a privilege” – all the information is out there on the web and great article found here and it’s all free only requiring your research.
Cheers : )
Correction: should of read –
and Tutanota launched 2011.
May I use tutanota on Thunderbird?
Hi caralu,
Wasn’t that meant as “May I use Thunderbird (third-party email client) on Tutanota?”
– While Tutanota uses very high standards and is arguably the most secure email provider, this also comes with some tradeoffs, such as no support for PGP, IMAP, POP, or SMTP.
The why is because these Email protocols are not compatible with Tutanota’s security model in the encryption used at this time.
Who know what the future will bring as Tutanota with buying users support can grow it Team and staff : )
See here – https://restoreprivacy.com/secure-email/
Off-topic:
https://www.techradar.com/uk/news/apple-card-privacy
I find it laughable that Techradar can claim that this card is good for privacy, where it’s payment processing is with Goldman Sachs, the most global integrated bank in the world, where it’s former & current executives have worked in governments across the world.
The Euro, wouldn’t exist without Goldman Sachs.
People need to smarten up about integrating their banking with their mobile phones.
Keep up the good work Sven, your site (of it’s type) is the best out there.
Hello Matthias Pfau,
Sir, please forgive but if you’d answer more on Tutanota’s Secure Search.
This link tells some but does not answer my questions.
https://tutanota.com/howto/#search
Paid User: unlimited search
1.If I have 1.5GB of Tutanota mailbox used, would that mean my device would have a 1.5GB in a search index that is stored encrypted on the device (browser, desktop client or app)?
The search index – as I understand, is a reference that is built and stored encrypted on my device not the full mailbox of all the messages – Right?
– I guess I’m getting confused by the words ‘full-text search’ and ‘unlimited search’ in thinking the Search Index is created only once.
Then possibly is updated (growing larger) with any subsequent detailed search masks in filtered terms of entered information.
– – I could see a full ‘time-frame’ search of say ‘Mr. Brown’ would yield only my messages with Mr. Brown being indexed.
Then again with a full ‘time-frame’ search with to, and, or, the, in, of, etc… would be a much larger index of messages containing those filtered terms.
– – – As the spam folder is excluded from the secure search, I’m thinking a search index consists of only the messages containing the input search masks in filtered terms.
***Yes I’ve neglected to use the secure search feature in Tutanota because I can’t find enough detailed documentation of it – to go there. Entering ‘secure search’ at https://tutanota.com/faq is all over the place with only ‘search’ highlighted in results.
2. Is the secure search > ‘search index’ that is stored encrypted on the device (browser, desktop client or app) able to be deleted?
Is a prior search index always deleted with any new secure search made?
I wonder this because of the heavy server load to Tutanota interstructure caused by the data being encrypted that needs sifted through.
3. Please review my prior ‘$5.00 question about Tutanota’s secure search’ as what I wanted to know there. I didn’t mean it as raising two questions but, the security of secure search wherever is was initiated from – a browser, desktop client or app.
– Since the desktop/laptop/netbook and smartphones/tablets all have browsers lets go with that, (browser access) from each and how is the OS system on these devices of their memory, search history, cookies, DNS resolver cache – does not keep something unencrypted in those systems as well of the clear-plain texts once the message pulled up to read.
–
@ I commend you Sir for your answers so far, where the language and intellectual tech divide you must face to overcome in trying to answer questions here from us lowly users.
I surely wouldn’t be as good in it all if the rolls were reversed : )
–
Additional comments:
Include in Tutanota encrypted email client(s):
ENCRYPTED VOICE & VIDEO – since the encryption algorithms used in Tutanota can be applied to all kinds of data. Any thoughts to add these features at lest to the mobile apps?
@[Future requirements for email encryption > 1. Tutanota already encrypts subject lines. We plan to also hide the metadata in the future.]
METADATA – is there any ETA when this will be a standard in Tutanota and HOW is HIDE defined? By encryption? Removed or modified?
METADATA risks isn’t exclusive to messages you send – the messages you receive may also include dangerous metadata.
“Marketing company’s/enterprises insert tracking images-embed tracking technologies and scan your email to extract it’s metadata to try to learn more about you.
They can learn the languages you speak, the type of computer you have, what cell phone you have, your email service provider (if using your own domain with Tutanota).
Where your email is actually stored or originates from and sometimes even your current physical location, which cellular telephone tower you’re connected to. Some company’s even use this information to tell whether you’re at home, at work, or another location by recording this information every time you send them emails.”
–
Closing Thoughts:
Since secure search is such a taxing user option on Tutanota’s resources and Tutanota is a freemium model where the basic service is free by paid customers accounts. Limit paid users in secure search to X amount of bandwidth a month (not used it’s lost – can’t add up), and drop it for free users. Then paid and free users can buy addon credits (non-expiring) to use for that of other Tutanota features above their plan tier.
– I could see at some point a staff member making the Video library of using Tutanota features that explain as well as teach.
: ) Thank you for your answers and I’ll stop, giving others a chance to get your answers, best to all the Tutanota Team …
You search index is always encrypted and, thus, secure – no matter on what device you use it.
We have no ETA for hiding metadata as this is a very complex task. Right now, the email protocol needs the email addresses to deliver a message. There are ways to hide this information (e.g. send the message to multiple addresses, but only the correct one is able to decrypt it), but this project is not on our immediate to-do list.
We don’t plan to offer encrypted video/phone calls, but who knows what the future will bring. 🙂
Thank you Sir : )
Hello Matthias Pfau
Has Tutanota considered building additional secure offices and servers in Switzerland?
If so, would it be based on a premium plan, ie only available to paying customers?
Would be delighted to hear your thoughts.
Sincerely, the 28 yr old dying PGP protocol.
(I may not seem old, but I’m very old in internet years).
(hope I made everyone chuckle)
Its a pleasure to have you here.
Thank You for making email safe again.
No, we do not consider Switzerland as a good option for a service defending privacy rights of the people because it has data retention laws, also for email: https://en.wikipedia.org/wiki/Data_retention#Switzerland
In Germany Politicians tried to implement data retention laws, but failed twice due to a pushback from the German Federal Constitutional Court. In Germany, the right to privacy is written into our constitution.
Hello Matthias, Sven, Sell,
If I were to look for new protocols to use,
https://worldcryptocon.com/
https://www.iacr.org/events/
https://infosec-conferences.com/category/cryptography/
https://www.bmc.com/blogs/it-infosec-cyber-security-conferences/
https://litmus.com/blog/beyond-gdpr-denmark-makes-email-encryption-mandatory
Send people there to gather info then blueprint it.
Hi PGP,
I’m not knowledgeable on Bitcoin and Blockchain to know if that’s where Tutanota wishes to go in quantum proof cryptography.
In their quest to make the encrypted email service of Tutanota resistant against attacks from quantum computers.
https://tutanota.com/blog/posts/job-post-quantum-cryptography/
I’ve read that quantum computers are far off and very expensive in everything about them, only State players, the very biggest corporations could invest the capital needed to have and maintain one.
But, at lest Tutanota give thoughts to us little people to be resistant of attacks from any.
–
A short summary of Bitcoin:
https://bitcoin.org/en/how-it-works
Where it states-
“You can disclose your addresses to your friends so that they can pay you or vice versa. In fact, this is pretty similar to how email works, except that Bitcoin addresses should be used only once.”
It’s Time to Switch to Blockchain-Based Email Systems:
https://news.bitcoin.com/blockchain-based-email-systems/
See the few comments from above link.
–
Reengineering:
“Innovations trigger change. And, as always, change threatens us with risks. Bitcoin and the blockchain will enable us to get rid of those expensive and inefficient business processes that do not add value. Instead, we can create mind-blowing and unimagined new ones. Indeed, let’s reengineer the corporation all over again.”
https://news.bitcoin.com/bitcoin-blockchain-case-new-reengineering-revolution/
–
How secure is the Bitcoin protocol?:
https://crypto.stackexchange.com/questions/316/how-secure-is-the-bitcoin-protocol
Take note of some risk factors already known.
–
There are a couple concept mail systems build on the above that I can find.
CryptaMail – looks to still be in beta since 2014.
SwiftMail – is a decentralized, peer-to-peer, proof-of-work, encrypted mail system that uses bitcoin technology to replace email.
Founder of McAfee Antivirus.
– – Please look for comment in any supplied links
I like people that think – Cheer’s
Hi PGP,
That probably will never be considered as-
“Proudly Engineered in Germany
Our entire team is based in Hanover, Germany. All your encrypted emails are stored on our own servers in highly secured data centers in Germany. With its strict data protection laws and the GDPR, Germany has some of the best laws in the world to protect your right to privacy. The German constitution stresses the importance of freedom of expression and of the human right to privacy.”
.
“Everybody knows that data protection laws in Germany are very strict, and that German companies are compelled to protect their users’ data by law.”
https://tutanota.com/blog/posts/data-protection-germany/
.
“Data Privacy Protection: Why Tutanota Is in Germany.”
https://tutanota.com/blog/posts/data-privacy-germany/
.
“Switzerland plans to revise their data retention law BÜPF so that all communication data (post, email, phone, text messages, ip addresses) can be stored for 12 months. The opponents of this law even say that it would allow the monitoring of mobile phones and the installation of trojans on computers, tablets and mobile phones.”
https://tutanota.com/blog/posts/stop-buepf/
Greetings : )
Hey Matthias Pfau,
Thanks for an in depth look at PGP from an authoritative view.
Kind of wondered why Tutanota broke free from PGP, now I know.
[PGP is not fit for the future > 3. PGP is not always compatible with PGP.]
That was news to me and then how you explained “EFfail and what comes next” was helpful to bring it all together.
I’ve learnt much from Sven and the Restore Privacy site, then a lit bit in helping answer other as I quest for their’s as well as my own knowledge.
All small drops in my bucket, so it’s always good to hear from someone who really knows.
–
A $5.00 question about Tutanota’s secure search.
How secure is the full-text secure search through it’s encrypted data?
Be it used with a webmail client or the client is installed locally, it all working through the browser isn’t it?
– I don’t know if installed clients work differently – maybe like a client connects to the Tutanota secure server directly.
@If so, wouldn’t that be more secure than the webmail secure search through the browser to the secure Tutanota server? Explain please.
**Using the browser and webmail would there be a need for some kind of sandboxing used to keep that unencrypted data inaccessible to the OS system itself?
Where the likes of memory, search history, cookies, DNS resolver cache doesn’t keep something unencrypted in the system of the search / data?
–
Can you say definitely say that Tutanota will not offer IMAP, POP3, and SMTP functions – mainly because it already offers the mobile clients?
–
What should be included in an encrypted email client-
1. Make the dark theme a setting > global setting from your account.
(instead of having to be elected at every login)
2. Add the click and drag feature of the text body in a message – instead of needing to use the scroll bar for long messages.
3. Some way to collapse or hide the left column for the full view of messages. Also a way to enlarge the texts of the mail UI and the texts of messages.
These seem like little and easy things to do.
Being old sucks… This is in the use of the webmail and not an installed Tutanota system client.
–
One last thing and I’m not at all suggesting Tutanota become a VPN offering too.
But with the cryptography (updated encryption) started in WireGuard can you see a use or a possibility in a variant of this encryption used in email systems going forward at some point?
– ChaCha20 for symmetric encryption, authenticated with Poly1305, using RFC7539’s AEAD construction
– Curve25519 for ECDH
– BLAKE2s for hashing and keyed hashing, described in RFC7693
– SipHash24 for hashtable keys
– HKDF for key derivation, as described in RFC5869
https://restoreprivacy.com/wireguard/
Thanks : )
Hard Sell, do you realize Matthias Pfau doesn’t visit this site? Even if he would, he’s not going to reply to comments. I mean, he’s not like Yegor S [founder of Windscribe VPN] who attacks people who disagree or challenge him.
No, Hard Sell is correct and Matthias said he could answer questions here in the comments if/when he has time.
Thanks Sven for the conformation !
That’s what I understood from my reading.
Every few months a checkin and reply by any Tutanota staff would be appreciated here.
–
Trouble I have is I think to much and if I knew more (hands on application of real experiences) I would be able to answer most of my own questions and their not needing to be asked.
–
Maybe you’ll do a – Interview: 10 Questions for Tutanota Secure Email Service.
– Then an article at some point covering Bitcoin advantages and downsides – pro’s / con’s.
@ If there’s one thing to be witnessed of an Internet use of today and in the future world – it’s a continuing erosion of PRIVACY.
Thanks for being a privacy guru and someone I see as a friend.
Thanks for your thoughts : )
Guess we’ll see, I’d rather see anyone from Tutanota answer here instead of having to use Reddit – r/tutanota, that their blog replies seem to have moved over to. See-
(My reply to Marco – Hard Sell FEBRUARY 27, 2019 / bout a third page scroll on my screen) https://restoreprivacy.com/secure-email/#comments
– Then why Reddit isn’t a favorable medium to use – especially for a secure mail provider.
https://restoreprivacy.com/stop-using-reddit/
–
Windscribe isn’t the subject here in this topic, I do see your point – connection of answering relations though.
As the VPN market is already heavily saturated, so a company being confrontational anywhere – is to me a loosing market strategy. Sometimes some comments made should be overlooked. Otherwise what good does it do to the bottom line in a revenue stream for said company?
Thanks for your feedback, particularly on the features you’d like to see added to Tutanota!
About secure search and desktop clients – you are raising two questions here:
* How secure is search? Search on encrypted data is handled locally via a search index. This search index is stored encrypted on your device (browser, desktop client or app) so it can only be accessed with your Tutanota password to secure your data. Our server never sees your data or your search queries.
* Security of browser vs desktop clients. The desktop clients are the most secure way of using Tutanota because we are able to sign the clients. By verifying the signatures, you can make sure that you are using the exact version of Tutanota that we have published and no one has tampered with the code. For the web version, we have implemented DANE to reduce the risk of MITM attacks, check here for details: https://tutanota.com/blog/posts/dane-everywhere/
–
Thanks for the wireguard suggestion. We plan to update the algorithms for Tutanota to make iquantum-resistant, but first we need to do some research to decide which algorithms should be used. Right now, it is too early to say.
Hi Matthias Pfau I’m appreciative of your response.
I take it Tutanota would like to keep this Q and A exchange specific and particular to any needed features users would like to see added to the Tutanota clients.
– You may, welcome any feedback on Tutanota as it always insightful, helpful and lets you know about the strengths and weakness as it’s accepted and used by the customer.
–
I’d like to give such feedback as a personal user with no need for your offering being adaptable to business use,
Ex: encrypted calendar, encrypted notes, encrypted drive.
– Overall I find Tutanota has met my needs.
1. Ease of encryption, were the entire mailbox in all it’s data there as well as the address book is stored encrypted on Tutanota’s own servers in ISO 27001 certified data centers in Germany.
* As there are times and/or contacts we all have where using encryption on message’s sent/received is not feasible to use. But yet, every message stays protected as encrypted by a users own login credentials – where in other words a zero access mail system is in place. You own your data !
–
@ This was a quest I had to find the best overall email option for myself to use as one mail service – as balanced for general web correspondence interactions.
You know today in online services, even brick and mortar business in your local require you have an online identity that’s tied to an electronic address. Your email address…
– Email is the most unsecured medium for your communications use.
But, we hold fast to the belief it’s a union in only a one-to-one correspondence of nature where highly sensitive information can pass in a private way.
– – Without encryption it’s not private at all, it’s an open post card – readable medium. And actually (the sending of a script, not very different than a word file), not like the Postage system of a sealed envelope – unless encryption is used.
This leaves all other unencrypted emails in different types of confidential content as plain texts, data not obfuscated, so the servers their passed through and the recipients mail service provider all have access to your information.
With Tutanota I know every one of these message stays protected as encrypted on my end in my account that I only can access.
So Thank You for offering TUTANOTA…