Encrypted Email is far from user friendly
May 25th 2022 on Dušan's blog
Let us start with a basic assumption. Unencrypted email is bad, unquestionably so. It can easily be modified and inspected in transit as it makes its way through multiple Mail Transfer Agents (MTAs for short) to your inbox. The only way to ensure your communication stays private, safe from prying eyes and bad actors, is to encrypt it. Unfortunately, this process is non-trivial for most people.
The why of it all
Let us further assess the requirements for a secure, end2end encrypted communication between two parties. As is tradition, we'll call them Alice and Bob.
Suppose Alice wants to send Bob some financial documents, something of critical importance to her business. Here's what she has to do.
- She must have basic understanding of public key cryptography.
- She must distinguish between public and private keys and their purposes.
- She must know how to generate those keys.
- She must obtain Bob's public key and send him her own.
- She must instruct her mail client of choice how to use those keys to encrypt a message.
- To ensure trust she must additionally instruct the mail client to sign every message with her private key.
Additionally Bob must do all of the above if he's to communicate with Alice.
I'm sure you get the picture. The sheer amount of steps and their complexity prevents this technology from seeing adoption. When did we start requiring our users to understand the implementation details of our software?
It's ridiculous if you think about it. Cryptography is very complex, even at a rudimentary level. There's no way a non-technical person could feasibly do all of the above without prior training.
And we so desperately need this technology to gain traction. Privacy shouldn't be reserved to technical people only. It's our fundamental right as people. And yet, most people don't bother just because of how difficult it is.
What's to be done here then? I suppose we could somehow manage the keys for the users, but even that's not enough. Thunderbird has the right idea with its semi-automatic approach of set it and forget it key management, it's a step in the right direction.
The much more tricky question is how do we implement this everywhere, if that's even a viable thing to do.
I'm always happy to hear your thoughts on the topic.