Tutanota upgrades encryption from AES-128 to 256!

The new year brings a great update to Tuta Mail: We’ve now switched on AES 256 encryption by default for all new emails sent via Tuta. This is great security improvement and the next step towards quantum-safe encryption.

In addition, we have now enabled Argon2 as the standard password derivation function for all new accounts or when your change your password. Argon2 is one of the best modern key derivation process, which makes sure that your encryption keys that are derived from your password in the Tuta client are secure.

You can read more on Agron2 and why it’s best for security here.

On our road to achieve quantum security we are now updating our asymmetric cryptography (currently RSA 2048), in a next step we are focusing on rotating the existing encryption keys and key verification.

With this release we are also rolling out support for a new quantum-safe hybrid encryption protocol that we designed. We will describe this in detail in a future blog post. This protocol is not yet actively used by clients, but we will enable it for new accounts as one of the next steps. Afterwards we will work on encryption key rotation so that our existing customers can also reach quantum-safety. Once rolled out, it will be possible to replace existing AES 128 and keys with new AES 256 keys. The same will be possible with the asymmetric RSA 2048 keys which will be replaced with both X25519 and Kyber-1024 turning the protocol into a hybrid (classical and quantum-safe) public key protocol.


This is a great update! Hopefully Proton follows suit.

Having a few different privacy focused email providers competing against each other is great news for privacy focused consumers.


Wow I don’t know how I missed that update, thank you for the correction @jonah

Webassembly means you have to disable JIT in Vanadium for tuta domains in order to access the web interface.

*enable @abstract

I’m curious how much of a threat vector this presents though.

what threat are you talking about?

what threat are you talking about?

Enabling WebAssembly (Javascript JIT). It allows you to compile JS to native code. As Tuta explains, it allows them to run code on your device using any programming language. It improves performance but sacrifices security. It’s why it’s disabled by default in Vanadium. I don’t know how bad it is to enable it.

1 Like

You enable it per-site, not for the whole browser…