Secure Google official extension "End-To-End" enabling encrypted mail to be sent and received even in defense-proof Japanese mail service



Encryption is done when sending and receiving mail, and the extended function that protects the contents of the mail so that it is not intercepted by a third party is "End-To-End"is. It was developed by Google's official team, so that you can securely encrypt any mails sent and received from any mail provider using OpenPGP.

End-to-end - End-To-End - Google Project Hosting
https://code.google.com/p/end-to-end/

In the first place, why do we need to encrypt e-mails? If you do not encrypt e-mails, third parties will be able to intercept content relatively easily while sending and receiving e-mails. In order to prevent e-mails being sent and received from being intercepted, some e-mail providersTransport · Layer · SecurityThere are many places that are actively working on encrypting mail using the technology called TLS (Google TLS), and Google's Gmail is one such service.

This TLS is a protocol for encrypting mails and delivering them securely when sending and receiving mails, but the mail providers on both the sending and receiving sides of mail must be TLS compliant. So, when sending and receiving mail via TLS noncompliant mail provider, the risk of being intercepted by a third party increases.

Google's public reportAccording to the percentage of mail encrypted, it is as follows.

When sending mail to another provider with Gmail, 65% of the mail is encrypted.


On the other hand, if you receive mail from another provider in Gmail, it means that 50% is encrypted, so half of the mail will be sent unprotected without being encrypted.


Furthermore, the following graph shows the encryption ratio of domains frequently sent and received mail with Gmail.


By narrowing down the region to Asia, you can see that most domains are not yet compatible with encryption. Also, if you look closely well, well-known domain names such as "rakuten.co.jp", "yahoo.co.jp", "docomo.ne.jp", "ezweb.ne.jp" are also lined up, and most of them It looks like it is not encrypted at all. How much is this?Strong passwordsEven if you are generating an e-mail confirming account information sent at the time of registering some services, it may be possible to get out one by just being intercepted ....


In order to remedy this situation, Google's official extension is "End-To-End". until nowPGPYaGnuPGAlthough encryption software such as encryption software has been used, many knowledge is required to introduce them. So, in order to make it easier to encrypt e-mails, Google has taken over development.

End-to-end - End-To-End - Google Project Hosting
https://code.google.com/p/end-to-end/


This time it is the alpha version of the source code for the test, which is the stage when testing is done by publishing it on Google Code. Although it is not yet complete, there are possibilities that there are bugs etc, but it is said that they are planned to be delivered as Chrome Web Store as an extension when they are modified.

in Software, Posted by logu_ii