Google Plans To Launch An Easy-To-Use Chrome Plug-In For Email Encryption Soon

June 3, 2014 – 9:31 PM

Google today announced that it will soon release a Chrome plug-in that will enable end-to-end encryption for web-based email services. The plug-in is based on the OpenPGP email encryption standard.

Google’s plan here is to make encryption easy enough to use to become widespread among mainstream users. Right now, unless you are fairly technical and can get extensions like Mailvelope to work for you, using Gmail — or any other popular email service — with encryption enabled is pretty hard. Because of this, very few people actually encrypt their messages today.

While Google announced this project today, however, it isn’t actually launching the plug-in yet. Instead, it is sharing the source code with the community to test and evaluate it. Given the recent issues around the Heartbleed bug in the OpenSLL library, that’s probably the right approach. “Prematurely making End-To-End available could have very serious real world ramifications,” Google rightly says.

The plug-in is covered by Google’sVulnerability Reward Program, so developers and security researchers who find issues with it can get prizes for finding bugs.

Google says that the new plug-in will let “anyone” enable end-to-end email encryption “through their existing web-based email provider.” Chances are then, this plug-in will work with more than just Gmail and cover other popular services as well. Given that the recipients have to somehow decrypt your encrypted email, it wouldn’t make sense to just offer this for Gmail anyway.


You must be logged in to post a comment.