Tuta will be the first quantum-resistant email service with a new hybrid protocol
From March 11, 2024, the German provider Tuta, formerly known as Tutanota, launched TutaCrypt. It is a new hybrid protocol that combines conventional encryption and quantum-resistant algorithms. The popular secure email provider claims to be the first to offer post-quantum protection.
While quantum computers may not be in mass use for a long time, our data is already at risk. That’s why security companies across the board, including VPN services and messaging apps like Signal, are boosting their cryptography games in preparation for the day when quantum computers can finally crack traditional encryption methods (Q-Day). TutaCrypt is another step forward in that direction. And because it’s completely open source, anyone can check the code to verify that it does what it says on the tin (and nothing more or less).
The urgency of post-quantum encryption
“At Tuta Mail we see ourselves as pioneers in secure communications, and with TutaCrypt we are setting standards for the future of communications. We are proud to have achieved such a great milestone on the path to becoming quantum secure,” Arne Möhle, CEO of Tuta Mail, told me.
Tuta was launched in 2014 under the name Tutanota as one of the first email services to protect users’ communications with end-to-end encryption. During its journey, the provider added a secure calendar and even changed the name. Now it claims to be the first email app to implement post-quantum cryptography.
Möhle noted that although Q-Day is still far away, the threat of so-called ‘Harvest Now, Decrypt Later’ attacks made the move to quantum-resistant protocols a priority for the team.
“Quantum-safe encryption is not just an option, but a necessity in a world where threats are constantly increasing,” he told me. “We focus on the privacy of our users and with our quantum-safe encryption TutaCrypt we can now protect their data even better.”
Today we’re proud to announce the launch of the world’s first #postquantum secure email platform! 🥳🎉With TutaCrypt, your data is safe from quantum computer attacks, both at rest and on the go. ⚛️ 🔒Read more about this quantum leap in #security here: https://t.co/Nq7ePZ2ctb pic.twitter.com/XeycBQpBYnMarch 11, 2024
Tuta’s post-quantum quest started about four years ago with PQMail to make both its email and calendar apps post-quantum proof. Last July, the Hannover-based company secured a €1.5 million grant from the German government and joined forces with the University of Wuppertal to launch its PQDrive project to extend this higher protection to the world of cloud storage. “TutaCrypt is a prerequisite for TutaDrive, which is being developed in the PQDrive project,” Möhle told me.
TutaCrypt replaces classic asymmetric cryptography (RSA-2048) – a necessary requirement A piece of technology for emails to ensure that a recipient can only know the sender’s public key, but not the private key, Möhle explains.
The new quantum-safe hybrid encryption protocol combines a post-quantum key encapsulation mechanism (CRYSTALS-Kyber) and a Diffie Hellmann key exchange with elliptic curve (x25519). For the less tech-savvy among us, all you need to know is that your communications are still protected by both standard end-to-encryption and quantum-resistant algorithms for added security.
The provider also explained that the private keys are stored encrypted on its Germany-based servers (with a key derived from the user’s password), so users can use them on any device.
Updating the app to the latest version is all that’s needed to take advantage of the new protection for emails, calendars, and contacts when the provider rolled out TutaCrypt to all users. What is certain is that the work does not end here, as Tuta’s team will continue to work on addressing the current limitations and continue to implement the full PQ prototype.
On this point, Möhle said: “In the next step of this project and after completion of the encryption protocol (which still lacks Forward Secrecy), we will implement the post-quantum secure disk solution.”