Google Email Encryption

Sebastian Munoz

In response to reports on Tuesday that Google is touting its use of encryption on email messages, which turns the messages into garbled text that can only be read with a key, encryption and digital signature expert Sebastian Munoz, CEO of REALSEC Inc., commented:
“The word ‘key’ is in fact the key to the whole encryption system. Where are those keys that will grant access to the content of the encrypted emails stored? How can Google guarantee that nobody will have access to those keys and, therefore, to the encrypted content?
From the perspective of Google, the keys should be safely stored on certified HSMs. From the end user's point of view, a certified token or smart card should be used to store the private keys of each person.
The protocol being used, TLS or Transport Layer Security, which is an evolution of the previous SSL or Secure Sockets Layer, uses standard X.509 certificates to authenticate the counterparty with whom they are communicating. This is a good system, but not 100 percent reliable. While X.509 is better than other verification systems, it can still be subject to man-in-the-middle attacks.
However, the use of TLS is becoming widely adopted, and it would be desirable for other email providers to include such support as well, so that the whole system could be more effective.”

