Still responding to the National Security Agency surveillance revelations, Google is reportedly preparing to help users beef up Gmail security with end-to-end encryption. The search giant is working on a way to make Pretty Good Privacy (PGP) encryption easier to use for Gmail fans, according to a report by Venture Beat.
The idea that Google would be working on email encryption is surprising since that would threaten the company’s ability to scan email messages for keywords to insert ads—a fact the Venture Beat report acknowledges.
Perhaps the company merely wants to make PGP easier to use for the small sliver of people who might actually want more privacy with their email. But as a regular feature for all? Not likely.
PGP explained
PGP relies on public-private encryption key pairings that make it all but impossible for someone other than the intended recipient to read an encrypted message.
Say Sally wants to send Bob a message. Once she’s done composing it, Sally uses Bob’s public encryption key to encrypt the message, turning it into a bunch of garbled nonsense. Then only Bob can decrypt the message, using his private key.
An attacker would have to spend an impossibly long time guessing combinations to decrypt the message, making it, as we said, nearly impossible.
There are ways around the encryption, such as stealing private keys or hacking into a PC once the message has been decrypted. But for the most part, public-private keys offer a reasonable amount of privacy.
PGP problems explained
The only problem is that employing PGP—or its open source alternative GNU Privacy Guard (GPG)—is not at all user friendly.
There are already attempts to make encryption easier, such as the Thunderbird extension Enigmail and the browser plug-in Mailvelope. But so far only a relatively small number of users have been willing to try these easier solutions.
With millions of Gmail users, Google could widen the PGP/GPG user base considerably if it wanted to—but end-to-end encryption offers some big problems for a mainstream service like Gmail.
The biggest difficulty for any user, whether novice or advanced, is keeping the private key secure. If the hard drive containing your keys crashes, for example, there goes your private key along with the hope of ever reading messages encrypted with it.
If you’re trying to manage encrypted email on your PC, smartphone, and tablet, that means your private key will have to reside on all those devices. Transferring a key around could result in losing control of it if you send the key to yourself via email, your device gets hacked, or you lose an unencrypted flash drive containing the secret data.
A simpler solution for Google might be to hang on to everybody’s keys on a third-party server. That way, the user doesn’t have to deal with private keys and reading email across devices is that much easier.
But once Google has your private key, the company can technically read your email, which somewhat defeats the purpose of using encryption, especially if the NSA or another three-letter agency comes knocking—see Lavabit’s woes.
Follow the money
Then there’s the previously mentioned email scanning Google loves to do so it can insert ads based on keywords into your messages.
Perhaps Google could employ some kind of JavaScript magic in the browser that lets it scan messages once they’ve been decrypted. But Google would still have to send that post-decryption data to its servers to figure out which ads to display.
Once that happens, your private messages are landing on Google servers, where they could once again be available to law enforcement or surveillance agencies with the right paperwork.
Email encryption is a nice dream for Gmail, but the hassles of key management and ad delivery mean PGP/GPG would probably never be more than a feature buried in Gmail Labs, where only the most dedicated advanced users would find it.
If you’re interested in trying out email encryption with a public-private key pair, check out our tutorial on how to use the Enigmail Thunderbird extension.