Making Encrypted Email Usable

When Edward Snowden reached out to Glenn Greenwald and Laura Poitras he insisted they use specific encryption methods. The two journalists required quite a bit of assistance from Micah Lee in order to communicate safely using Pretty Good Privacy, an email encryption standard which has been around twenty years.

The dance required is simply too complex for the average user, who doesn’t want cryptography; they just want to communicate safely. @SwiftOnSecurity, Twitter’s self appointed Information Security Thought Princess, recently summed up the issues in a single tweet.

But I’m Using SSL to Read my Encrypted Email

@SwiftOnSecurity Knows PGP
@SwiftOnSecurity Knows PGP

The only place where cryptography is universally available and generally used is within browsers, via a method that we continue to refer to as SSL. That is short for Secure Sockets Layer, which was replaced by Transport Layer Security, a newer standard that addresses some conceptual problems with the original method. When you log into your email account with Gmail or Yahoo, somewhere on your browser there is a small padlock icon that turns green, indicating a safe connection.

That padlock turns green because your browser shipped with a number of X.509 certificates, issued by certificate authorities, trusted companies like Verisign and CAcert. Their root certificates are used to sign the certificate of the email server, providing a ‘chain of trust’ that ends at your browser.

And all that you have accomplished is protecting you from someone between you and your email provider reading your traffic off the wire. The service provider itself can read your messages unless you take similar steps to encrypt the text, which is where PGP comes into play. As you know, assuming you clicked through to the story about Lee helping Greenwald and Poitras, this wasn’t a trivial process for them.

Things have gotten a tiny bit easier on this front, thanks to a tool called Mailvelope. This browser extension, available for both Chrome and Firefox, replaces the cumbersome combination of standalone mail client and standalone PGP program. If you have never used PGP before you should be able to install the plugin, generate a public/private key pair for yourself, and be sending encrypted emails within about fifteen minutes.

Who Would You Email?

The biggest problem with encrypted email is that it is a ‘complex social contagion’. People don’t catch the encrypted email bug from a friend, usually they catch it from a group. Unless you join a circle of individuals already using PGP, you are unlikely to find much cause to use it even if you did complete the simple Mailvelope install.

The PGP documentation suggests that users will attend ‘signing parties’ where they will meet each other and validate their contacts keys. This may have happened at MIT, where PGP was developed, but in the real world things have progressed differently. There are some industries where PGP fingerprints on email signatures are as common as cell phone numbers, but those are generally very technical audiences. Encrypted email uptake is either near universal or almost entirely absent.

A notable effort to solve the initial introduction problem is happening at Keybase, founded by Chris Coyne and Max Krohn, names you might recognize from their very successful dating site, OkCupid. Artist and designer Caroline Hadilaksono rounds out the site’s leadership. Keybase’s features are amazing, as they’ve produced a slick, pleasant to use web site and paired this with a set of command line tools that will put a smile on the face of the pickiest of Unix system administrators.

Right now Keybase is invite only, and it’s on the march through the existing territory where PGP is used. When this is made broadly public, which appears to be scheduled for early 2015, email privacy is going to take a massive step forward.

But then You Walk Out the Door

Mailvelope is a browser extension. Keybase is a web site and some Linux command line utilities. Once you walk out the door with either Android or iPhone you’re back to the same problem that’s bedeviled PGP from its inception. Select and install an email client. Select and install a PGP package. Move your keys from Mailvelope to the new program.

There are a lot of good things happening for mobile devices, in particular the addition of Whisper Systems secure SMS tools to Android alternative CyanogenMod, which instantly added ten million users of encrypted text messages. Given how smooth Keybase is they no doubt have a plan for mobile users, but there isn’t even a hint of when this might happen.

Preparing for 2015

The problem of securing email communications over the wire, on the server, and on your mobile device will be solved in 2015. Thanks to Edward Snowden, the pressure to innovate is enormous, so much so that the work will be done before the U.S. Congress can get under foot with burdensome regulations meant to protect a surveillance dragnet that is neither effective nor constitutional.

If you’ve never touched PGP, Mailvelope is a good way to get some experience. Given Keybase‘s smooth implementation and solid backers, it’s liable to be the defining application in that space. Unfortunately, unless you know one of the crypto boffins with early invites, all you can do for the moment is watch and wait for general availability.

Images from Twitter and Shutterstock.