Security Experts:

Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Privacy

Google Previews End-to-end Encryption Extension for Chrome

Google has released a preview version of a new Chrome extension designed to give users the ability to encrypt, decrypt, digital sign, and verify signed messages within their Web browser using OpenPGP.

Google has released a preview version of a new Chrome extension designed to give users the ability to encrypt, decrypt, digital sign, and verify signed messages within their Web browser using OpenPGP.

Dubbed “End-to-end” by the search giant, the new browser extension will encrypt data leaving a user’s browser until the message’s intended recipient decrypts it, Google said.

“While end-to-end encryption tools like PGP and GnuPG have been around for a long time, they require a great deal of technical know-how and manual effort to use,” Stephan Somogyi, Product Manager, Security and Privacy at Google, wrote in a blog post Tuesday afternoon.

End-to-End was built using a newly developed, JavaScript-based crypto library and implements the OpenPGP standard, IETF RFC 4880, enabling key generation, encryption, decryption, digital signature, and signature verification, Google explained.

Currently in Alpha, End-to-End is not yet available in the Chrome Web Store. The company has shared the code in order to have the community test and evaluate it before people begin to rely on it. To that point, Google has added End-to-End to its Vulnerability Reward Program and will award researchers with cash for finding flaws in its code.

“Once we feel that the extension is ready for primetime, we’ll make it available in the Chrome Web Store, and anyone will be able to use it to send and receive end-to-end encrypted emails through their existing web-based email provider,” Somogyi noted.

Earlier this year, Google said that its Gmail service would use added encryption to protect against eavesdropping and keep messages secure in an effort to up encryption after Edward Snowden began to leak classified details on the scope of US government spying. 

Written By

For more than 10 years, Mike Lennon has been closely monitoring the threat landscape and analyzing trends in the National Security and enterprise cybersecurity space. In his role at SecurityWeek, he oversees the editorial direction of the publication and is the Director of several leading security industry conferences around the world.

Click to comment

Expert Insights

Related Content

Privacy

The EU's digital policy chief warned TikTok’s boss that the social media app must fall in line with tough new rules for online platforms...

Cybersecurity Funding

Los Gatos, Calif-based data protection and privacy firm Titaniam has raised $6 million seed funding from Refinery Ventures, with participation from Fusion Fund, Shasta...

Privacy

Meta was fined an additional $5.9 million for violating EU data protection regulations with WhatsApp messaging app.

Mobile & Wireless

As smartphone manufacturers are improving the ear speakers in their devices, it can become easier for malicious actors to leverage a particular side-channel for...

Cloud Security

AWS has announced that server-side encryption (SSE-S3) is now enabled by default for all Simple Storage Service (S3) buckets.

Application Security

Microsoft’s security patching machine hummed into overdrive Tuesday with the release of fixes for at least 97 documented software vulnerabilities, including a zero-day that’s...

Privacy

Many in the United States see TikTok, the highly popular video-sharing app owned by Beijing-based ByteDance, as a threat to national security.The following is...