Google has released a preview version of a new Chrome extension designed to give users the ability to encrypt, decrypt, digital sign, and verify signed messages within their Web browser using OpenPGP.
Dubbed “End-to-end” by the search giant, the new browser extension will encrypt data leaving a user’s browser until the message’s intended recipient decrypts it, Google said.
“While end-to-end encryption tools like PGP and GnuPG have been around for a long time, they require a great deal of technical know-how and manual effort to use,” Stephan Somogyi, Product Manager, Security and Privacy at Google, wrote in a blog post Tuesday afternoon.
End-to-End was built using a newly developed, JavaScript-based crypto library and implements the OpenPGP standard, IETF RFC 4880, enabling key generation, encryption, decryption, digital signature, and signature verification, Google explained.
Currently in Alpha, End-to-End is not yet available in the Chrome Web Store. The company has shared the code in order to have the community test and evaluate it before people begin to rely on it. To that point, Google has added End-to-End to its Vulnerability Reward Program and will award researchers with cash for finding flaws in its code.
“Once we feel that the extension is ready for primetime, we’ll make it available in the Chrome Web Store, and anyone will be able to use it to send and receive end-to-end encrypted emails through their existing web-based email provider,” Somogyi noted.
Earlier this year, Google said that its Gmail service would use added encryption to protect against eavesdropping and keep messages secure in an effort to up encryption after Edward Snowden began to leak classified details on the scope of US government spying.
