As privacy consciousness has increased, phrases like “zero knowledge” and “end-to-end encryption” have become buzzwords of sorts. Many businesses, products, and online services have sprung up in the wake of Edward Snowden hoping to get a slice of the rapidly expanding market for privacy-enhancing technology. But which ones are all talk and which deliver? Let’s take a look at a few email providers who might fit the bill.
Started in 2013, ProtonMail specifically cites Edward Snowden as an inspiration for their service. They make a big deal out of two things: the fact that they are based in Switzerland, and their two password system. The gist is that ProtonMail is marketing themselves as the “Swiss bank account” of email providers. Indeed, they say just that on the page detailing their security measures: their servers “are colocated in some of the same secured and guarded datacenters used by Switzerland’s famed private banks”. Elsewhere they boast of a “secure datacenter facility hidden inside a Swiss granite mountain” and that this is a “former military command center deep inside the Swiss Alps”.
ProtonMail is still in beta but the user experience is on the whole very smooth and mature. There may be a short wait if you request an account at the moment, as a sudden spike in popularity coinciding with their IndieGoGo campaign maxed out their servers.
In the meantime many exciting features are in the pipeline. While they strive to make the encryption and decryption invisible in the name of usability, optional key management is on its way allowing users to import GPG keys of non-ProtonMail users so that the security can interoperate with other services. Aliases are also coming soon.
If you and a non-ProtonMail user can agree on a passphrase beforehand, you can also exchange end-to-end encrypted messages with people who have no knowledge of cryptography whatsoever. ProtonMail’s code is not yet open source but they have announced plans to release it in the future.
If you’re looking for a service that’s a little more mature than ProtonMail, the German provider Tutanota may be for you. Founded in 2011, they officially left beta on the 24th March 2015. Notably, Tutanota does not utilise the popular PGP method for encrypting messages. Instead, they explain, theirs is a custom solution using 2048 bit RSA keys and AES-128 created on the compelling grounds that PGP does not encrypt the subject line of emails. If you are wary of using cryptography that’s less tried and tested, some reassurance may be found in the fact that Tutanota, unlike ProtonMail, has already open sourced its code. Tutanota also has apps for iOS and Android, and a plugin for Outlook so that users don’t have to access their accounts using a web browser – all developments that are still on the cards for ProtonMail.
However Tutanota logs users in and decrypts their mailboxes using the same passphrase, which means a little more trust is required if you are to believe the claim that they can’t and won’t access users’ messages. Nonetheless the user experience is just as smooth as ProtonMail’s and Tutanota also allows email exchanges encrypted by passphrase for private correspondence with users of other services.
If you need your account immediately, Tutanota is probably the best choice as there is no longer a waiting period to take advantage of their services. When creating your account you can also choose from a variety of domains: tutanota.de, tutanota.com, tutamail.com, keemail.me, and my personal favourite: tuta.io. Tutanota warns that the account creation process freezes if you use Tor Browser inside Windows, so watch out if that is your intention, but they are working on fixing this.
Also from Germany is Lavaboom which started in 2013 and might be described as a cross between ProtonMail and Tutanota in that it utilises OpenPGP.js but uses a single password system. The similarly named Lavabit famously shut down rather than hand over its private SSL key to the US government as part of its investigation into Edward Snowden’s leak. Lavaboom, which came about shortly afterwards, is clearly named in its honour.
Lavaboom has opted to use 4096 bit RSA keys – twice the size of ProtonMail’s and Tutanota’s. If a strong key is the most important thing to you, this may be the best choice. When creating your account, you are offered to choose between using “Lavaboom sync”, meaning Lavaboom’s servers store your private keys encrypted or saving your keys to your browser’s cache. The downside of the latter method is that in the event your cache is wiped, you will no longer be able to access your emails unless you have saved a back up of your key and re-upload it when you next log in, so be careful that you don’t lose access to your inbox by destroying your keys.
I did find that Lavaboom’s user experience isn’t quite as mature as Tutanota’s and ProtonMail’s. When creating my account and sometimes when logging in using Tor Browser inside Linux, the loading page freezes at “Initializing OpenPGP.js” requiring me to refresh the page until it works properly. Nonetheless, Lavaboom is still in beta so we can expect quirks like this to be ironed out. I hope that in the course of this, the process of choosing between caching your keys or using Lavaboom sync is made clearer, as it was initially a bit confusing for a provider whose aim is make encryption easy. However it could be appealing if you’re looking for more fine-grained control than ProtonMail and Tutanota can offer.
If so, Lelantos is a paid though cheap service on Tor who may interest you. It is a little more advanced than the other three but it offers some impressive features like allowing users to import their own public key so that, if they are sent unencrypted emails, they are encrypted automatically on entering the server. While it is much better if the sender encrypts the message before sending, it is still preferable to no encryption at all. Members are also allowed to register over 100 aliases and create temporary addresses. A lifetime account costs 0.136BTC, or about $32.
Sigaint offers both free and paid versions of their service. Their upgrade page explains the difference between the two plans: a $30 lifetime subscription grants you increased storage, SMTPS/IMAPS/POP3S support, full disk encryption, easier PGP integration, Bitmessage support, and priority customer service.
Ruggedinbox.com is a fully free email provider offering both clearweb access over TLS/SSL and a Tor onion site. If you’d like a privacy-friendly email provider and don’t mind managing your own PGP keys, this is an attractive choice. IMAP, POP3, and SMTP are all free of charge and you can also create temporary accounts with a pre-set expiry date. When logging in to web mail, you can choose between the JS-less SquirrelMail or the more modern RoundCube which requires JS. While free, users are encouraged to donate to their BTC address on their homepage. RuggedInbox also sells VPSes to those who want their own private email servers.
While it may be a nuisance, the best security is always offered by being in control of your own private key. Services that simplify key management often sacrifice a large amount of that control, but for the purpose of emailing people without knowledge of cryptography, the increase in security and privacy is significant when compared to providers like Hotmail or Gmail. Therefore, if all you are looking for is to go about your daily activities with greater privacy, providers like ProtonMail, TutaNota and Lavaboom offer you just that. For extraordinary protection, never trust your key management to a third party.