Google to Release End-to-End Encryption for Chrome

Google announced on Tuesday its plan to release a Chrome plug-in based on the OpenPGP e-mail encryption standard that would enable end-to-end encryption for Web-based e-mail services.

Encryption enhances the security of a file or message by scrambling the contents. Only those who have the correct key can read them. Information such as addresses, phone numbers and credit card numbers are often encrypted.

But the search engine giant reportedly won't be releasing the plug-in anytime soon. The security team stated it would like to test the code with some volunteers first.

Product manager of security and privacy Stephan Somogyi wrote in a blog post: "You won't find the end-to-end extension in the Chrome web store quite yet; we're just sharing the code today so that the community can test and evaluate it, helping us make sure that it's as secure as it needs to be before people start relying on it."

Google promised to give prizes to developers and security researchers who could find a bug on the code, under its Vulnerability Reward Program.

Google boasted that using the new plug-in, "anyone" would be able to perform end-to-end e-mail encryption through their existing Web-based e-mail provider. It would also work with Gmail and other services so that even non-Google users could decrypt the code.

Google did not give a hint on how the plug-in would look like, nor in what way it would make encryption easier. The company's current public key encryption is quite difficult to set up; making it a challenge to develop a system that everyone would understand, Techcrunch reported.

"We recognize that this sort of encryption will probably only be used for very sensitive messages or by those who need added protection. But we hope that the End-to-End extension will make it quicker and easier for people to get that extra layer of security should they need it," Somogyi wrote.

Google also announced the results of its first e-mail encryption transparency report which showed the number of e-mail providers that encrypt messages. The report revealed that 65 percent of messages from Gmail to other providers are encrypted, compared to 50 percent of emails sent from other services to Gmail.

Real Time Analytics