Google is said to be looking into ways to make end-to-end encryption tools such as PGP (Pretty Good Privacy) easier to use with Gmail. The utility is already compatible with Gmail but its complex nature has kept it from reaching a mainstream audience.
How exactly Google plans to integrate PGP into Gmail is a bit of a mystery as it poses some pretty significant issues. With end-to-end encryption, only the sender and receiver can read the contents of a message. That’d be problematic for Google as the company currently scans Gmail messages for advertising keywords.
What’s more, Google would have to contend with the issue of lost passwords. Under such a scenario, only the end user would ever have access to the decryption key meaning the provider couldn’t recover data without it.
The company would either have to make it crystal clear exactly how important keeping up with the password is or perhaps use a cryptographic technique called key stretching that makes a short password stronger so individuals wouldn’t have to remember a lengthy password.
If it comes to fruition, it’d be the latest in a string of security upgrades at Google. Last month, the search giant took steps to boost the security of data that travels between data centers and moved Gmail to an HTTPS-only connection by default. All of these changes have come as a result of the mass surveillance revelations exposed by NSA leaker Edward Snowden.