Tuta becomes the first quantum-resistant email service with new hybrid protocol
Tuta claims to be the first secure email provider to offer post-quantum protection in the build-up to Q-Day.
As of March 11, 2024, German provider Tuta, formerly known as Tutanota, launched TutaCrypt. It's a new hybrid protocol that combines conventional encryption and quantum-resistant algorithms. The popular secure email provider claims to be the first to offer post-quantum protections.
While quantum computers may still be far from mass usage, our data is already at risk. That's why security firms across the board, including VPN services and messaging apps like Signal, are boosting their cryptography games in preparation for the day when quantum computers can finally crack traditional encryption methods (Q-Day). TutaCrypt is another step forward in that direction. Plus, since it's fully open-source, anyone and everyone can check the code to verify it's doing what it says on the tin (and nothing more or less).
The urgency of post-quantum encryption
"At Tuta Mail, we see ourselves as pioneers in secure communication, and with TutaCrypt we are setting standards for the communication of the future. We are proud of having achieved such an amazing milestone on the road to becoming quantum-safe," Arne Möhle, CEO of Tuta Mail, told me.
Tuta launched under the name of Tutanota in 2014 as one of the first email services to protect users' communication with end-to-end encryption. Along its journey, the provider added a secure calendar and even changed its name. Now, it claims to be the first email app to implement post-quantum cryptography.
Möhle noted that, despite Q-Day still being a ways off, the threat of so-called "Harvest Now, Decrypt Later" attacks made the switch to quantum-resistant protocols a priority for the team.
"Quantum-safe encryption is not just an option, but a necessity in a world where threats are constantly growing," he told me. "We focus on the privacy of our users, and with our quantum-safe encryption TutaCrypt, we can now protect their data even better."
Today we are proud to announce the launch of the world's first #postquantum secure email platform! 🥳🎉With TutaCrypt your data is safe against quantum computer attacks at rest & in transit. ⚛️ 🔒Learn more about this quantum leap in #security here: https://t.co/Nq7ePZ2ctb pic.twitter.com/XeycBQpBYnMarch 11, 2024
Tuta's post-quantum quest began about four years ago with PQMail to make both its email and calendar apps post-quantum resistant. Last July, the Hannover-based company secured a grant of €1.5 million from the German government and joined forces with The University of Wuppertal to launch its PQDrive project to extend this higher protection also to the cloud storage world. "TutaCrypt is a prerequisite for TutaDrive—being developed in the project PQDrive," Möhle told me.
Get daily insight, inspiration and deals in your inbox
Sign up for breaking news, reviews, opinion, top tech deals, and more.
TutaCrypt comes to replace the classic asymmetric cryptography (RSA-2048)—a necessary piece of tech for emails to ensure a receiver can only know the public key of the sender but not the private key, explained Möhle.
The new quantum-safe hybrid encryption protocol combines a post-quantum Key Encapsulation Mechanism (CRYSTALS-Kyber) and an elliptic-curve Diffie Hellmann key exchange (x25519). For the less techie out there, all you need to know is that your communications will still be secured by both the standard end-to-encryption and quantum-resistant algorithms for extra safety.
The provider also explained that the private keys are stored encrypted on its German-based servers (with a key derived from the user's password) to allow users to use these on any device.
Updating the app to the latest version is all needed to enjoy the new protections on emails, calendars, and contacts as the provider rolled out TutaCrypt for all users. What's certain is that the work doesn't end here as Tuta's team will keep working to address current limitations and continue to implement the full PQ prototype.
On this point, Möhle said: "In the next step of this project and after completion of the encryption protocol (which still lacks Forward Secrecy), we will implement the post-quantum secure drive solution."
Chiara is a multimedia journalist committed to covering stories to help promote the rights and denounce the abuses of the digital side of life—wherever cybersecurity, markets and politics tangle up. She mainly writes news, interviews and analysis on data privacy, online censorship, digital rights, cybercrime, and security software, with a special focus on VPNs, for TechRadar Pro, TechRadar and Tom’s Guide. Got a story, tip-off or something tech-interesting to say? Reach out to chiara.castro@futurenet.com