Whole (formerly Tutanota) is a secure email service that stands out for the use of an end-to-end cryptographic algorithm: this means that the keys for encoding and decoding emails exchanged between users reside exclusively on their devices and are never shared with other parties, not even with the service manager. In another article we presented a comparison between Tuta and ProtonMail, both services based on cifratura end-to-end.
With the advent of increasingly powerful quantum computers, the post-quantum cryptography it is considered a threat to traditional encryption algorithms. THE quantum computers, with their computing power, could compromise many of the current cryptographic algorithms, especially those based on public key cryptography. These traditional algorithms are based on mathematical problems such as factorization of large numbers and discrete logarithm computation, which can be solved efficiently using future quantum computers.
It NIST (National Institute of Standards and Technology) has long since begun to identify cryptographic algorithms that resist the action of quantum computers. There was no shortage of “blunders” either: some time ago, for example, there was talk of the emblematic case of an algorithm described as resistant to quantum computing which instead was defeated with an older Intel Xeon processor.
Tuta adopts TutaCrypt to protect user emails from post-quantum attacks
Quantum computers powerful enough to put the data encryption created using traditional algorithms, are yet to arrive. Yet, as mentioned previously, it is wise to move in time.
Directly involved with the German Government to develop an effective post-quantum algorithm to be used to protect data managed by public bodies, Tuta presented today TutaCrypta tool that aims to protect user communications from so-called “attacks”harvest now, decrypt later“.
What does it mean? That today the threat to the unauthorized decoding of encrypted communications, is practically non-existent. Tuta’s idea, however, is to protect the communications that could be collected now, in encrypted form, by interested parties, and then subject them to a decoding action when sufficiently powerful quantum computers become available.
From a technical point of view, TutaCrypt combines the algorithm CRYSTALS-Kyber resistant to quantum attacks with the mechanism X25519 for key exchange Elliptic-Curve-Diffie-Hellmann.
Like others player on the market, including Signal and Apple (iMessage), Tuta has chosen a hybrid model that combines the use of the most advanced post-quantum algorithms with traditional encryption, in order to protect user data from current and future threats.
“With TutaCrypt we are revolutionizing email security. For the first time, people can now send and receive encrypted emails with such a degree of security that not even quantum computers will be able to break the encryption and decipher messages“, said Tuta CEO Arne Möhle. “And the best thing about Mail suit– This unique encryption can be used to send end-to-end encrypted emails to anyone in the world, regardless of which email provider they use, with a simple password exchange“.
The opening image is taken from Tuta’s post.