Proton Mail to use blockchain to verify recipient's email addresses
Proton Mail plans to tap blockchain tech for email encryption key verification
With the launch of its new Key Transparency feature, Proton Mail, one of the best email services and stablemate of one of the best VPN services, has now entered the blockchain arena. The latest feature will allow users to verify a recipient’s email address and ensure that the sender is actually who he claims to be.
In an interview with Fortune, Andy Yen, Proton VPN and Proton Mail’s CEO, stated that they are using "blockchain in its very pure form" and that it has nothing to do with shady crypto scams.
Proton Mail stands apart from other email providers due to its sheer focus on privacy. Each email sent through Proton is end-to-end encrypted, ensuring only the sender and recipient can access the contents. It even allows you to send password-protected emails to recipients who are not on Proton Mail.
What is Key Transparency?
End-to-end encryption works by encrypting a message using the public key of the recipient, which can be opened only by the recipient using their private key – and this is a staple of the modern internet. If you're using a website on https, you're end-to-end encrypted.
However, the key concern lies in verifying the authenticity of the recipient’s public key.
It might so happen that the system is tricked into encrypting a message using a fake public key created specifically for a “man-in-the-middle attack.” This is a type of cyber attack when a malicious third party eavesdrops messages between the sender and the recipient.
However, the victims never know that they are being listened to and continue believing that they are, in fact, just communicating with each other.
Sign up to get the BEST of Tom's Guide direct to your inbox.
Get instant access to breaking news, the hottest reviews, great deals and helpful tips.
This is the exact problem Key Transparency aims to solve. The blockchain is like a permanent ledger—entries once made in a blockchain cannot be altered.
So, by putting recipients’ public keys on the blockchain, it's near-impossible for perpetrators to initiate a MitM attack. The system cross-references these entries every time an email is sent, thereby ensuring that the correct private key is used every time.
“In order for the verification to be trusted, it needs to be public, and it needs to be unchanging,” Yen said.
Feature roll-out
Key Transparency has recently been launched in its beta mode on Proton Mail’s private blockchain. If the tests turn out to be feasible, it will soon be introduced to public blockchains for mass usage.
Although Yen accepts this is not a feature an average user will need, he has stressed the importance of Key Transparency for sensitive professionals such as journalists, executives, politicians, and activists. Plus, Yen advocates using Proton Mail to escape the constant online surveillance and behavioral analysis.
Proton Mail currently caters to around 100 million users, with the numbers rising rapidly amidst growing privacy concerns.
Krishi is a VPN writer covering buying guides, how-to's, and other cybersecurity content here at Tom's Guide. His expertise lies in reviewing products and software, from VPNs, online browsers, and antivirus solutions to smartphones and laptops. As a tech fanatic, Krishi also loves writing about the latest happenings in the world of cybersecurity, AI, and software.