Table of contents
Start for free
Andrew Milich / 9.18.2022Home / news
Private email's evolution: From Pretty Good Privacy to wallets
How private email has evolved from Pretty Good Privacy (PGP) encryption to built-in key exchange and crypto wallet integrations.Sixty years ago, when email was first used to transmit scientific information among collaborators distributed around the world, few could imagine that it will become the backbone of global, communication. Every day, email delivers billions of messages between governments, family members, and multinational corporations. As email became a standard way to communicate, hundreds of millions of consumers adopted email products: Yahoo! Mail was released in 1997, and Gmail seven years later in 2004.Email providers began to compete for consumer attention with more storage space, mobile experiences, and more. Gmail famously launched with 1 GB of inbox storage space - a true luxury in 2004. Today, there are estimated to be over four billion email users, more than half of the global population and the largest communication network connecting the globe.Naturally, email security has become top of mind for individuals, businesses, and governments. In particular, email encryption protects email content from unwanted One of the most enduring and popular ways has been the PGP protocol.
`-----BEGIN PGP PUBLIC KEY BLOCK-----Version: Keybase OpenPGP v1.0.0Comment: https://keybase.io/cryptoxm8EYyaSSBMFK4EEACIDAwRmbe9L vMlFKMwznWLyZcCHRfVb7LOLjxXJn7uzWpqoCNb8hnTZdXJZq/42W/ZrLdPMiutYVEpEXb8dP aBlQHeHia5YcYUQ05IQL8w/mJz4…OIch4coBf01VYVxW+9x7kKNp5SDEh44m8fsdFMXiVrAjJcn9/1/q3YRImgU3I/1QPy9m1BqtqA==-----END PGP PUBLIC KEY BLOCK-----
Introducing Pretty Good Privacy (PGP)
PGP – an abbreviation for Pretty Good Privacy - was first launched in 1991. It represents a relatively straightforward way to protect personal information or communication, including emails messages and other data, such as attachments.The encryption scheme utilized in Pretty Good Privacy is a relatively straightforward asymmetric encryption protocol, wherein every party who wants to send or receive encrypted messages maintains a PGP keypair, including a private key (kept secret), and a public key (shared widely online, in person with other people, or in key registries).As in an asymmetric protocol, the sender encrypts a message with the recipient’s public key. In some cases, the sender may encrypt additional encryption keys, such as one symmetric encryption key for every file. To learn more about how a symmetric encryption scheme could be used with an asymmetric one - thereby creating a hybrid encryption scheme - check out Skiff’s technical whitepaper.In addition to this protocol, PGP also defines standardized encoding and decoding for public and private keys. For example, here is a PGP public key:`-----BEGIN PGP PUBLIC KEY BLOCK-----Version: Keybase OpenPGP v1.0.0Comment: https://keybase.io/cryptoxm8EYyaSSBMFK4EEACIDAwRmbe9L vMlFKMwznWLyZcCHRfVb7LOLjxXJn7uzWpqoCNb8hnTZdXJZq/42W/ZrLdPMiutYVEpEXb8dP aBlQHeHia5YcYUQ05IQL8w/mJz4…OIch4coBf01VYVxW+9x7kKNp5SDEh44m8fsdFMXiVrAjJcn9/1/q3YRImgU3I/1QPy9m1BqtqA==-----END PGP PUBLIC KEY BLOCK-----
PGP adoption
PGP was generally made compatible across multiple email providers, command line tools, and even software providers like GitHub. For example, you can sign all of your code commits on GitHub using a GPG public key, which represents a similar encryption scheme but with slight variationsAlthough PGP represents one of the simplest, most easily understood, and oldest email encryption schemes, adoption is weak. While some estimate that around 50,000 PGP keys are widely in use today, encrypted messaging apps, such as Signal Messenger, are used by hundreds of millions of people every month. In total contrast to PGP, wherein individuals may need to take charge of their own encryption keys, Signal uses an open source protocol - the Signal Protocol - to exchange keys, encrypt messages, and keep sender and recipient information ephemeral and private. To learn more about the Signal Protocol, we recommend reviewing Signal’s technical documentation or open source code.As new cryptographic protocols, including elliptic curve cryptography, have become more popular, computer scientists and cryptographers have also started to criticize PGP’s technical limitations, such as a lack of forward secrecy (unlike the Signal Protocol), over complexity (designed to be a “swiss army knife”), and outdated implementations.Skiff’s approach
Skiff has chosen an approach based on ease of use, simplicity to understand, and complete technical reliability. More like Signal than PGP, Skiff makes it easy to sign in, generate and share keys, and communicate with total privacy. To ensure total trustworthiness of users public keys and the protocol, all of Skiff’s encryption code is open-source, Skiff Mail is completely open sourced, and users are able to verify and remember other users’ public keys, just like marking users as verified on Signal.What about crypto wallets?
Over the last year, Skiff has launched integrations with multiple crypto wallets, including MetaMask, Brave Wallet, and more. Behind the scenes, a crypto wallet functions quite similarly to a private messaging app or a password manager: It stores private keys for each of your Ethereum addresses, Solana addresses, or other public keys needed for owning tokens or other assets.Furthermore, crypto wallets have exploded in popularity; MetaMask alone has reached over thirty million monthly active users, an enormous multiple on the supposed adoption of PGP worldwide. As a result, instead of using PGP, which requires users to exchange unwieldy keys and safeguard secrets, using crypto wallets to store keys needed for secure, end-to-end encrypted communication is a technically groundbreaking but surprisingly simple solution to ensure widespread adoption.To log into Skiff with a crypto wallet, visit https://app.skiff.com or https://app.skiff.com/signup. For more information on Skiff’s technical model, visit our GitHub, blog, or whitepaper.Related articles
Skiff TeamIs Google Drive Secure?Google Drive is not end-to-end encrypted. Is it secure?
Skiff TeamEncrypted Email: Best Practices for Businesses and IndividualsNo one can live without email today: Emails are as much a part of our daily lives as brushing our teeth - a staple for communicating and checked constantly every morning, afternoon, and night.
Skiff TeamThe Security Benefits of Encrypted EmailThere are numerous benefits to using an encrypted email service as your primary email provider.
Andrew MilichWhat's decentralized email?Decentralized email: Private, encrypted, and owned by you.
Andrew MilichQuick guide: Get your custom domain set upHow can you add a custom domain to your Skiff account? Learn more in this guide.
Nishil ShahEmail phishing protectionPhishing is one of the most dangerous email security problems and comes in many forms. How can you protect yourself, your family, and your business?
Skiff TeamEncrypted collaboration toolsSecurity and privacy have become necessities when collaborating online. What are the best encrypted collaboration tools?
Andrew MilichWhat is encrypted email, and is it secure?Encrypted emails are a necessity for privacy and cybersecurity. Learn everything you need to know about using encrypted email providers and other good email security practices.