Gmail Encrypt

By | June 1, 2006

So, you like using Gmail, but don´t want other people to be able to read your email? You are probably not alone and that is where the Gmail Encryption extension enters the picture. Originally I planned on using the Solitaire encryption algorithm devised by Bruce Schneier for the book, Cryptonomicon, written by Neal Stephenson.

With this in mind, I decided to go with public key encryption. I have implemented an RSA type scheme in Javascript. Naturally this is somewhat more cumbersome in GreaseMonkey as the entire scheme needs to live together inside one large file. This, however, solved a number of issues I had with the Solitaire idea.

Public key encryption has one major problem and it is especially noticeable in a scripting language like Javascript. It needs a lot of horsepower – especially on the decryption side! So to prevent your machine grinding to a halt if you want to send emails longer than one character, for example, the actual message is encrypted using AES. The keys to AES are then encrypted using RSA. That gives the receiver a small amount of RSA descryption to work through and the bulk of the decryption then takes place using AES which is much less processor intensive.Read Full Story

Leave a Reply