CERN Scientists Launch Encrypted Email Service With a Difference

Computer-security
20 May 2014

A team of developers from the European Organization for Nuclear Research (CERN) has launched a new encrypted email service that could put an end to government snooping – with a little help from bitcoin.

The system, called ProtonMail, works by encrypting the data in the browser before it ever comes into contact with the server. So, even if someone gains complete access to the server, it won’t do them any good because ProtonMail does not store the encryption key.

Group effort

ProtonMail was conceived by PhD student Andy Yen, who called on fellow CERN scientists to examine the problem of online privacy, or rather the lack of it, and see if they could come up with a solution.

Yen took to CERN’s Facebook group and the response was overwhelming. Within days, dozens of people decided to join the effort and more than 40 individuals took part in the discussion. The team eventually came to include both CERN and MIT (Massachusetts Institute of Technology) scientists, including four PhD physicists.

The core team of six started meeting at CERN’s Restaurant One and eventually they came up with ProtonMail.

“We’ve basically separated the message that’s encrypted apart from the key – all the encryption takes place on your computer instead of our servers, so there’s no way for us to see the original message,” Yen told Forbes.

He argues that ProtonMail differs from all other email systems, which store the key to decrypt messages.

NSA blowback?

Yen and his associates were prompted to develop the service following revelations made by former NSA contractor Edward Snowden.

The Snowden leak proved what many technologists suspected for years – that the NSA was gaining access to commonly used technology to snoop on people – but many were taken aback by the sheer scale of the operation exposed by the whistleblower.

CERN scientists are not alone in their belief in the right to privacy. Many Internet users have started using encrypted communications in light of the Snowden affair.

According to Canadian broadband management company Sandvine, the volume of encrypted internet traffic has skyrocketed in recent months.

In its ‘Global Internet Phenomena‘ report for the first half of 2014, the firm found that the percentage of encrypted Internet traffic in Europe had quadrupled in recent months. A similar trend has been observed in other parts of the world.

ProtonMail is looking to tap this relatively large pool of Internet goers who would like to keep their communications private. The system uses end-to-end encryption, but unlike many encryption tools it is designed to be intuitive and simple to use.

Bitcoin accepted

ProtonMail is currently in public beta and the team is working on Android and iOS apps. These should launch by the end of the summer, and if all goes according to plan, the service will move out of beta at around the same time.

It is still possible to sign up for an invite to participate in the beta testing, but server capacity is limited, Yen said, due to higher than anticipated demand.

Since the service is encrypted and, thus, cannot be used to serve targeted ads, such as Google AdSense, the team has decided to adopt a freemium model to make the service pay.

ProtonMail is free, but additional features and storage will be available. Full pricing tiers have not yet been announced, but the basic paid account will provide 1GB of storage for $5.

Since ProtonMail is all about security and privacy, it does not track its users or gather any personally identifiable information. Of course, an additional level of security and anonymity is provided by one of the payment methods – bitcoin.