ProtonMail and Tuta provide encryption at rest but they hold the keys to both encrypt and decrypt emails. This is needed so you can view your encrypted emails both online and through their own email apps. Problem is, if a request from the government, law enforcement, etc. asks these companies for your email, they could provide the emails and the keys to unencrypt them since it’s all stored in their servers.
Is there a way to use your own keys for higher privacy? For example, can you upload the public key only to ProtonMail to have your email encrypted at rest but only you have the private key to decrypt the email? The pros is if there’s a request from an authority to get your emails, they would only get your public key but not your private key to decrypt them. The cons is you can’t use webmail to read your emails or use their apps since both keys are needed. But you could use a third party app like Thunderbird to read your emails provided the email service provides IMAP. Correct?
Another option I’m thinking of is an alias service like Addy.io. For example, ProtonMail has both keys but if you create your own seperate PGP keys from somewhere else, you could use your own public PGP key on Addy.io to encrypt incoming email through the alias email but you would still need a third party app like Thunderbird to read them. The pros are ProtonMail doesn’t have the private key, the email is already encrypted including encrypted at rest and only you can read them. The cons are you can only read your email using a third party app (using IMAP), this will only work using an alias service like Addy.io and an alias email address or directly sender to receiver which then would be end to end encryption. Correct?
if you don’t trust proton and tuta that they will log your emails and give private keys to your account, there is only a little you could do.
If they wanted to get your email encryption keys they would need to first serve you a malicious custom website code when you access their web email in order to sniff off your private keys on login and then use it to read your emails.
Incase you access their email through a dedicated app like mobile or desktop , it would be even harder as they would need to make you expressly download and install a malicious version of their app which would be lot more difficult. Plus their clients are open source and can be built yourself. If you use a version like fdroid it would provide yet another safety by verifying the app was built using actual code published.
will they really do that given the lengths they would need to go to trick you , ask yourself ?
Also for the emails that you had received from external mail providers without E2ee , there could still be a chance that they could log a plaintext copy of your emails on server side and encrypt another copy for your mailbox client.
But still this is highly doubtful as it won’t be possible without disrupting their normal workflow.
So this again depends on how you use it and to what extent you trust them.
The only thing you can be sure of are all the end to end encrypted emails done, that too with caveat of your meta data available to be seen.
I recommend learning about how Diffe-Hellman key exchange works.
Proton cannot decrypt your emails because they don’t have your unencrypted private key. I’m oversimplifying here, but think of Proton Mail as a client that automates this method (which used to done manually) between two Proton Mail users.
I think what threw me off is the fact that Proton creates and stores both keys. In fact, they automate creating the keys but the keys are stored securely on a part of their server encrypted with a separate account encryption. Thanks to everyone for taking the time to post your comments. Now I know that what I was thinking, though interesting, is not necessary at all with the exception that you can use your public key with an alias service (if offered) like Addy.io.
For anyone else reading this thread. I was able to directly find my answers from ProtonMail after researching a little more:
Yeah, I guess the trust aspect is whether or not you trust them not decrypting your private key despite being initially generated via your browser, however unlikely it is.
Consider self hosting email if Proton or Tuta does not seem to satisfy your security needs. Its going to be an experience though. Its a pain and there is a reason why people don’t do this.
You then risk the authorities knocking on your door though. At least you can exercise your autonomy and refuse.
Are these bad advice? Not really. Sometimes, understanding comes only after experience because some people cannot be convinced otherwise.
