On March 11, 2024, German provider Tuta, formerly known as Tutanota, launched TutaCrypt. It is a new hybrid protocol that combines conventional encryption and quantum-resistant algorithms. The popular secure email provider claims to be the first to offer post-quantum protections.
While quantum computers may still be a long way from widespread use, our data is already at risk. That's why security companies across the board, including VPN services and messaging apps like Signal, are ramping up their crypto plays in preparation for the day when quantum computers can finally crack traditional encryption methods (Q -Day). TutaCrypt is another step forward in that direction. Plus, since it's completely open source, anyone can check the code to verify that it's doing what it says on the tin (and no more, no less).
The urgency of post-quantum encryption
“At Tuta Mail we consider ourselves pioneers in secure communication and with TutaCrypt we set standards for the communication of the future. We are proud to have reached such an amazing milestone on the path to quantum security,” Arne Möhle, CEO of Tuta Mail, told me. .
Tuta launched under the name Tutanota in 2014 as one of the first email services to protect user communication with end-to-end encryption. Throughout its history, the provider added a secure calendar and even changed its name. It now claims to be the first email app to implement post-quantum cryptography.
Möhle noted that even though Q-Day is still far away, the threat of so-called “harvest now, decrypt later” attacks made the switch to quantum-resistant protocols a priority for the team.
“Quantum-safe encryption is not just an option, but a necessity in a world where threats are constantly growing,” he told me. “We focus on the privacy of our users and with our TutaCrypt quantum-safe encryption, we can now protect your data even better.”
Today we are proud to announce the launch of the world's first #postquantum secure email platform! 🥳🎉With TutaCrypt, your data is safe from quantum cyber attacks at rest and in transit. ⚛️ 🔒Learn more about this quantum leap in #security here: pic.twitter.com/XeycBQpBYnMarch 11, 2024
Tuta's post-quantum quest began about four years ago with PQMail to make its email and calendar applications post-quantum resilient. Last July, the Hannover-based company secured a €1.5 million grant from the German government and joined forces with the University of Wuppertal to launch its PQDrive project to extend this increased protection to the world of cloud storage as well. “TutaCrypt is a prerequisite for TutaDrive, which is being developed in the PQDrive project,” Möhle told me.
TutaCrypt comes to replace classic asymmetric cryptography (RSA-2048), a necessity piece of email technology that ensures that the recipient can only know the sender's public key but not the private key, Möhle explained.
The new hybrid quantum-safe encryption protocol combines a post-quantum key encapsulation mechanism (CRYSTALS-Kyber) and an elliptic curve Diffie Hellmann key exchange (x25519). For the less tech-savvy, all you need to know is that your communications will still be protected by both standard end-to-end encryption and quantum resistance algorithms for added security.
The provider also explained that the private keys are stored encrypted on its Germany-based servers (with a key derived from the user's password) to allow users to use them on any device.
You need to update the app to the latest version to enjoy the new protections on emails, calendars and contacts as the provider rolled out TutaCrypt to all users. What is certain is that the work does not end here, as the Tuta team will continue working to address the current limitations and continue to implement the full PQ prototype.
Möhle states: “In the next step of this project and once the encryption protocol is finalized (which still lacks Forward Secrecy), we will implement the post-quantum secure drive solution.”