In the wake of increasing communication interception by various government agencies and hackers, most email services are rethinking their security services.
Though Gmail is considered to be one of the most secure email services available, there is always scope for improvement. Google has always been a pioneer in offering intelligent and secure technology to its users, and with Gmail, they are no different. They have recently announced improved encryption for Gmail and it is going to benefit their users in a lot of different ways.
All email clients have a basic email encryption system used to protect the privacy of all communication made through them. Systems like PGP (Pretty Good Privacy) have ruled the day. However, these systems are not very easy and even the most technically sound people are in the real danger of using these encryption systems incorrectly. This means a very few people actually use these systems. Therefore, Google has decided to create a new version of Gmail, which takes its encryption system very seriously.
The Current Scenario
PGP, the most common encryption system, was first released in a very basic form in 1991. At that time, it could be used using two main encryption keys. These are random numbers used to scramble communications and then descramble them to make full, understandable messages. The users have a public key, which allows them to encrypt all the scrambled messages sent to them. There is also a private key, which can only be used by the individual to decipher encrypted messages. This encryption system is very hard to crack, unfortunately, it is very rarely used correctly. People have struggled not only to sign their messages, but also to encrypt them. Therefore, they often shared their private keys, defeating the entire purpose of encryption.
The Google Story
Google has been able to recognize the problem with encryption systems and is ready to start work on improving them. It is in a position to solve the issues of key management and integration. This means, that when users use their Chrome browsers to read their mail, they will be able to keep control over their individual private keys, and would not need to download or use special software to do that. Therefore, by integrating the encryption systems with their browser, Google will eliminate the need for private encryption and decryption of the communications. Google could also take both the discover and the verification of the keys directly in the Gmail address book. This will allow for discovery and verification automatically.
Till now, PGP has remained safe because it is incredibly difficult to use. Though it is not able to serve its purpose correctly, simply because it is too hard to use, there is no telling what happens when PGP becomes user friendly. The ease of use, may in turn compromise the safety of the encryption system, rendering it not only ineffective, but unnecessary as well. This is indeed a double-edged sword.