HackerTrans
TopNewTrendsCommentsPastAskShowJobs

Tutanota

no profile record

Submissions

Show HN: TutaCrypt, post-quantum encryption protocols for securing emails [pdf]

tuta.com
15 points·by Tutanota·قبل سنتين·8 comments

comments

Tutanota
·قبل 6 أشهر·discuss
Hey, Tuta Team here. If you're looking for one with unlimited addresses for a custom domain, check out Tuta Mail: https://tuta.com
Tutanota
·السنة الماضية·discuss
Hi, Tuta Team here, we came across this and wanted to jump in. The facts are correct - thanks for explaining it the way it actually was. We explain in more detail here why this case highlights the need for *end-to-end encryption* and why we recommend everybody using it whenever possible: https://www.reddit.com/r/privacy/comments/ntzn3w/comment/h0v...
Tutanota
·السنة الماضية·discuss
Here's a better one: Breaking: Gmail starts using the whitelabel version of Tuta Mail so that 2.5 billion users will get automatic encryption.

https://mastodon.social/@Tutanota/114262092716832489
Tutanota
·السنة الماضية·discuss
Hi there, Tuta Team here. This is not correct, the price for Tuta Revolutionary is €3/mth with 20 GB of storage and 15 aliases - plus unlimited aliases when using your own domain. It's a very good deal.
Tutanota
·السنة الماضية·discuss
Hey there, Tuta team here. We are aware of this issue and we are working on key verification as we speak. The release is scheduled for the coming month.
Tutanota
·قبل سنتين·discuss
Actually, we did not get notified, but we did see this message - so thanks! We have now fixed the issue and the fix will go live in the next days.

Matthias, co-founder of Tuta Mail
Tutanota
·قبل سنتين·discuss
Tuta | Hannover/Munich, Germany | ONSITE | https://tuta.com/

Tuta is an encrypted email provider based in Germany. We focus on building privacy and security oriented apps for communication and productivity.

We are currently hiring software engineers (Frontend/Backend/Full-Stack) for our locations in Hannover and Munich. We also sponsor visas for prospective team members not currently living in the EU and help with the relocation process.

QA/Software Engineer: https://tuta.com/jobs/qa-software-engineer

Software Engineer (Munich): https://tuta.com/jobs/software-engineer-munich

Software Engineer (Hannover): https://tuta.com/jobs/software-engineer
Tutanota
·قبل سنتين·discuss
Hi there, it is possible to export all emails from your Tuta account and store them locally or load them into another email client by using our export function: https://tuta.com/support/#generalMail
Tutanota
·قبل سنتين·discuss
Our core development team are trained to work in applied cryptography and we work directly with the University of Wuppertal cryptographers for cryptanalysis and testing.

To secure our customer's emails we do not only rely on the new post-quantum algorithm but we use a post-quantum Key Encapsulation Mechanism (CRYSTALS-Kyber) in combination with an Elliptic-Curve-Diffie-Hellmann key exchange (x25519). We did choose Kyber for pq encryption because it has been chosen by NIST for standardization. However, we are aware that it still might be broken in the future. In this case our implementation allows us to replace it with a different post-quantum Key Encapsulation Mechanism. Our customer's emails will not be leaked in this case because they are still protected by the state-of-the-art Elliptic-Curve-Diffie-Hellmann key exchange.
Tutanota
·قبل سنتين·discuss
As all post-quantum crypto is relatively new there is still the risk of it being broken in the future. This is why we combine the new algorithms with classical ones in an hybrid approach so that the encryption stays at least as secure as it is now.
Tutanota
·قبل سنتين·discuss
Hey, we only just saw this now: Emails run through a filter before being pushed to your mailbox and encrypted there. So we can see spam emails, but with Tuta Mail you can also send end-to-end encrypted emails of which we see nothing. Plus, if you report emails as spam (e.g. by dragging them to the Spam folder) you are being asked whether you want to give us a copy of the content so that we can improve the spam filter.
Tutanota
·قبل 3 سنوات·discuss
The Proton post by OP was a rebuttal against our blog post on "The Illusion Of "Swiss Privacy" Being The Best": https://tuta.com/blog/swiss-privacy-is-an-illusion

The original version of this blog post included information on the encryption in Tuta Mail and ProtonMail which we took out because it had nothing to do with the actual topic of the post.
Tutanota
·قبل 3 سنوات·discuss
The Proton post by OP was a rebuttal against our blog post on "The Illusion Of "Swiss Privacy" Being The Best": https://tuta.com/blog/swiss-privacy-is-an-illusion

The original version of this blog post included information on the encryption in Tuta Mail and ProtonMail which we took out because it had nothing to do with the actual topic of the post.
Tutanota
·قبل 3 سنوات·discuss
Tutanota team here, we saw this post and need to share our view as well:

We apologized on Reddit that this post was perceived as an attack on ProtonMail. This was not our intention, but we do see now that the original blog post could be read as such and we are sorry about this. The real aim of the post was to stress the fact that Swiss Privacy is as good as German Privacy, but the way it was written did not make this clear.

That's why we have updated our blog post as follows:

1. We have removed the mention of ProtonMail in the original post.

2. We have included a conclusion that Swiss Privacy laws are good, and very similar to German privacy laws.

We hope that this settles the issue; in the end Proton and us are in the same fight against Big Tech as well as state surveillance and must work together to achieve more privacy for everyone!

---

*Why this post on Swiss Privacy?*

We'd also like to explain why we published the post on Swiss Privacy in the first place.

Some Swiss companies like to stress that their level of privacy is better than the competition because they are *based in Switzerland*. However, ProtonMail even claims that Tuta Mail is less private stating "Tutanota is based in Germany, which is one of the Fourteen Eyes intelligence-sharing countries" (quoted from the Proton website) or even suggesting that Tuta email could be accessible to the NSA (which is wrong): "Tutanota emails are protected by the German Federal Data Protection Act, which prohibits the use of personal data without permission absent a court order. However, Tutanota is based in Germany, which is a member of the SIGINT Seniors of Europe (SSEUR) intelligence-sharing alliance which intelligence agencies such as the NSA." (quoted from the Proton website)

Proton continues this story after the publication of our blog post on their [subreddit](https://www.reddit.com/r/ProtonMail/comments/18ninzh/is_this...) and on their blog: Proton makes it look like we are spreading fake news and blaming us of unfair competition. What is more Proton wrongly [claims that there is a vulnerability in our encryption](https://www.reddit.com/r/tutanota/comments/18nob4c/i_sincere...).

*But our original post is about Swiss Privacy, so let's look at these facts.*

> On their blog Proton says "Claims such as 'Switzerland also has warrantless surveillance'" making it look like we've made this claim.

Please read the Tuta blog post carefully: *We never made that claim.*

All we said was that Swiss Privacy is no better - or as good as - for instance German Privacy because Switzerland - just like any country shares data with other countries. *Yes, a Swiss warrant is needed for Proton to hand out any data to foreign authorities, but the same is true for Germany where a German warrant is required.*

> Proton also says that "Tuta makes the completely unsubstantiated claim that “if you are connecting to a Swiss-based service like Proton from outside of Switzerland your data is being actively collected and shared with other intelligence agencies around the world”. Not only is this completely speculative, but there is also no basis to claim that this is an issue specific to Switzerland."

*Correct, this is not specific to Switzerland and that was exactly the point that we were making. In addition, we do back up the claim with evidence and cite our sources:*

1. In reference to the assertion that Switzerland regularly works with the US and UK intelligence agencies we cite [Reuters](https://www.reuters.com/article/us-usa-switzerland-datatheft...).

2. In our mention of cross-border traffic collection, we cite an article published in [Die Weltwoche](https://weltwoche.ch/story/was-sagen-sie-jetzt/). We are directly referring to the following paragraph:

> "According to the specifications, the sole purpose of the Onyx system is to intercept conncections abroad, from abroad to Switzerland or from Switzerland to abroad, to identify only telecommunications subscribers abroad and to intercept and process only data originating from abroad. However, residents of Switzerland are usually also involved in these calls. If this "mass surveillance of communications" (GPDel) generates information about Swiss citizens as a "by-product", the military electronic warfare unit (EKF) may also "process" such data and forward it in this form to the "relevant clients", i.e. primarily the former ficheurs and "state protectors", the federal police officers in the Service for Analysis and Prevention (DAP)." (This is a translation by DeepL of the archived version of the article available [here](https://web.archive.org/web/20070929083222/http://www.weltwo...))

*The origin of this is not Tuta, but comes from a Swiss-based news agency writing in relation to a Swiss surveillance program (Onyx).*

### Fair competition

While at the beginning of the post Proton speaks about fair competition and honesty, they end their blog post with

> "In the final analysis, it seems the only reason non-Swiss companies are attacking Swiss privacy is because Swiss privacy is actually better." repeating the untrue statement that Swiss Privacy would be better.

*A true and fair conclusion would have been: Swiss privacy laws are good and are very similar to the GDPR laws in place in Germany. However, these laws do not protect you from national surveillance programs. Instead, end-to-end encryption is the best tool to protect your data.*

We hope that these clarifications put an end to this discussion. We will also review future communication more thoroughly and make sure that we can continue the fair competition that we've had with Proton in the past. Having multiple encrypted email providers is a win for the entire privacy community.
Tutanota
·قبل 3 سنوات·discuss
Tutanota team here, we saw this post so need to set some things right:

This is not a vulnerability in Tuta. We have built Tuta with multiple layers of protection for our users. We currently use TLS and DANE to protect authentication and data integrity and (only tunneled) RSA-OAEP and AES-CBC to provide confidentiality. We have always communicated this transparently, it is nothing new. Neither the confidentiality nor the integrity of our users' data has been at risk.

However, we know that the implementation is not perfect regarding this detail. That is why we have also implemented the following security features since this has been reported first:

* 2-factor authentication

* Simple verification of downloaded Tutanota apps

We are currently starting to roll out new encryption algorithms. Enforcing MACs is part of this upgrade, just as post-quantum secure algorithms, authentication and signature verification. We already have a working prototype of this hybrid encryption protocol.

Tl;dr

There is no known vulnerability in Tuta. Security is the heart of Tuta, and we always fix reported vulnerabilities immediately.

Additionally, we'd like to add some facts about this blog post:

As part of their blog post, Proton confirms, that they indeed don't encrypt email addresses and names on their address books. So Proton basically knows all your contacts email addresses and names even if you don't send emails to them.

Proton claims that their Calendar metadata is encrypted besides date and time of events. So they don't encrypt that and claim it is not possible. In Tuta, even date and time of your events are encrypted as we handle notifications locally on users' devices - not on our servers.

Both services compete to see who offers the best security. This is basically good for all users. We are convinced that our product is more secure and are working hard to constantly improve security.
Tutanota
·قبل 3 سنوات·discuss
Agreed, should have phrased this more carefully!
Tutanota
·قبل 3 سنوات·discuss
Absolutely right, and for that reason most tech-savvy people will still not trust Meta with their data. But that they start encrypting end-to-end is a good thing, regardless.
Tutanota
·قبل 3 سنوات·discuss
Good for Meta and their user base! It's great to see Big Tech follow suit. We've been doing this for a decade already as only end-to-end encryption can truly protect data.

Plus, it's going to help with fighting bills like the Online Safety Bill and Chat Control when huge corporations join us; so bottom line: great news!
Tutanota
·قبل 3 سنوات·discuss
That's why we at Tuta do not send any information with the push on Apple and have built our own push notification for Android (we'd never use Google Push): https://tuta.com/blog/posts/open-source-email-fdroid