Google offers GMail users end-to-end encryption

Google is preparing to release a special extension for the Google Chrome browser that lets GMail users encrypt a message before sending it, to prevent interception of communications. The extension, under the plain name End-to-End, uses the OpenPGP standard, but it is not yet ready for release, and Google is asking the community for help.

The Google Security Team decided to release the source code first, under the Apache 2.0 license, before the extension is published in the Chrome Web Store. The reason is simple: Google ran into a number of difficulties, so the company is not yet sure that its OpenPGP implementation is reliable. Google notes that the JavaScript runtime architecture differs in reliability, since it cannot control what happens at the native level, so there is a risk of data loss. Explaining the motivation for the project, the company said that GnuPG and PGP already exist, but they require the user to have some knowledge of cryptography, while Google's extension attempts to make the encryption process as user-friendly as possible. As for JavaScript, Google's FAQ gives some explanation.

To fix all possible flaws in the extension's design, Google has added the new product to the list of targets eligible for its rewards for finding and exploiting vulnerabilities. So Google is not asking for help for free: rewards range from $500 to $20,000.

Google also asks users to disable sending anonymous usage statistics to the company while using the extension, since in some cases (such as a browser crash) data could be sent to Google from which the user's private key could be recovered.

FAQ

Now that you have published the source code, can I publish the extension in the Web Store myself?
Please do not do this.
The development team understands that this extension could potentially be used by journalists, human rights activists and others who may not be tech-savvy, so this extension could cause unpleasant consequences.
We are releasing the source code in the hope of identifying vulnerabilities that our team may have missed. Once we have enough evidence that our implementation is reliable, we will release the extension in the catalog and provide further support.

Does encryption work with attachments, or only with the text of messages in GMail?
Text only. Remember, too, that the subject line and the list of recipients will not be encrypted either.

Why do you generate keys only on elliptic curves?
RSA key generation is slower than elliptic curve key generation.

Will End-to-End work on mobile devices?
At the moment, Chrome on Android and iOS does not support extensions, so no.

Which specifications does the extension use?
RFC 4880 - OpenPGP message format
RFC 6637 - elliptic curve cryptography in OpenPGP
Unfortunately, the extension does not yet support the specification for MIME security with OpenPGP or the Camellia algorithm.

I see mojibake!
We tried to avoid displaying mojibake for non-Latin-script languages, but don't be surprised if you run into it, especially in the service fields. We did not implement automatic encoding detection.

Are private keys kept in memory? Are they cleared after each operation, or is there a passphrase cache?
The private key is stored unencrypted in memory. We recommend that your keyring has a passphrase; in that case the private keys are stored encrypted in localStorage.

So how are they protected?
Since the keys are in localStorage, you should encrypt them. If they are just in memory, unencrypted, then we simply rely on the Chromium sandbox.

JavaScript? SRSLY?
Yes. When we started work on End-to-End, none of the existing JS libraries suited us, so we had to write our own. We fully understand all the threats that JS encryption conceals, so we apply every mitigation and risk elimination that comes to mind.

JavaScript has no multi-core support. How can you do encryption without it?
Modern engines such as V8 in Chrome support typed arrays, and WebCrypto provides a cryptographically strong random number generator.

Crypto projects in JavaScript have often been broken in the past, reducing the language's credibility for implementing such serious things.
True. But in practice no common language provides 100% protection against vulnerabilities.
We are well aware of all the examples, so from the start we set ourselves high quality standards. We created a modern cryptographic library from scratch, with test coverage. It provides BigInteger methods, modular arithmetic for elliptic curves, and symmetric and public-key encryption. On top of this library we built an OpenPGP shell. Part of the library's code is used within our company in production.

The full FAQ is on Google Code.

For reference: Habr has previously discussed similar extensions from third-party developers.

Source: habrahabr.ru/post/225147/