Google-released Chrome extension allows easy in-browser Webmail encryption
Developers at Google have released an experimental tool—for Gmail and other Web-based services—that’s designed to streamline the highly cumbersome task of sending and receiving strongly encrypted e-mail.
On Tuesday, the company unveiled highly unstable “alpha” code that in theory allows people to use the Google Chrome browser to generate encryption keys, encrypt e-mails sent to others, and decrypt received e-mails. Dubbed End-to-End, the Chrome extension also allows Chrome users to digitally sign and verify digital signatures of e-mails sent through Gmail and other services. The code implements a fully compliant version of the OpenPGP standard, which is widely regarded as providing virtually uncrackable encryption when carried out correctly.
As Ars documented last year, the problem with just about every e-mail encryption software available today is they require much more time and effort than sending plain-text mail. Microsoft’s Outlook application, for instance, frequently crashes when working with the open-source GnuPG encryption suite. Some Outlook users, including this reporter, also experience problems when receiving encrypted e-mail from Mac users, since the encrypted messages are included in an attachment, rather in the body. End-to-End is intended to ease such burdens.
“While end-to-end encryption tools like PGP and GnuPGhave been around for a long time, they require a great deal of technical know-how and manual effort to use,” Stephan Somogyi, a Google product manager for security and privacy, wrote in a blog post published Tuesday. “To help make this kind of encryption a bit easier, we’re releasing code for a new Chrome extension that uses OpenPGP, an open standard supported by many existing encryption tools.”