Tuta Mail, the German end-to-end encrypted email service, has introduced TutaCrypt, a new protocol aiming to give the platform resistance to quantum computing threats.
The problem TutaCrypt addresses is the risk of extremely powerful quantum computers enabling the decryption of data that is now considered secure. Tuta Mail’s algorithm of choice was AES 256, combined with Argon2 for key derivation, which are uncrackable by today’s computers, but can be easily deciphered by quantum computers.
While powerful quantum computers are not yet a reality, Tuta Mail is taking a proactive stance by implementing quantum-safe encryption early on. This measure is crucial to safeguard against potential ‘harvest now, decrypt later’ attacks. These attacks involve collecting and storing encrypted data, potentially containing sensitive information, for decryption when quantum computers reach sufficient levels of maturity and power.
TutaCrypt combines quantum-safe algorithms like CRYSTALS-Kyber for key encapsulation and x25519 for Elliptic-Curve-Diffie-Hellman key exchange with conventional algorithms such as AES and RSA, ensuring comprehensive protection against both quantum and traditional computational threats.
“With TutaCrypt we are revolutionizing the security of email. For the first time, people can now send and receive emails that are encrypted so strongly that not even quantum computers will be able to break the encryption and decipher the messages. This unique encryption can be used to send emails end-to-end encrypted to anyone in the world, regardless of their email provider, with a simple password exchange!”
Arne Möhle, CEO of Tuta Mail
In this first phase, post-quantum protection is applied to the “Confidentiality” part of the communications exchange, where the most significant threat to decrypt data is posed. “Authenticity” and “Integrity” will continue to be protected by the classic algorithms, as the impact of quantum computers on digital signatures and hash functions is less pronounced. Tuta notes that this leaves some risks, especially in cases where long-term identity keys are compromised, so expanding the implementation of the hybrid encryption system to all aspects of the product is in the plans.
TutaCrypt will be gradually rolled out to all existing Tuta Mail users, while new accounts will get it immediately. Users do not have to take any action to activate the new protocol, so the transition should be seamless.
Tuta says its partners in the PQDrive project, which the German government funds to develop a post-quantum secure cloud storage and file-sharing solution for the state, have scrutinized TutaCrypt and found no security concerns. The firm plans to have an independent body review and verify it too, in the future.
If you’ve never tried Tuta Mail and are interested in learning more about its features, pros, and weaknesses, check out our in-depth Tuta review for more info.