Encrypted email service ProtonMail has launched a ‘contacts’ manager for its service.
The announcement was made on its official blog post. ProtonMail Contacts, which ProtonMail is describing as “the world’s first encrypted contacts manager,” now offers “zero access encryption and digital signature verification”.
Here’s excerpts from the post:
What is an Encrypted Contacts Manager?
ProtonMail’s new contact manager uses zero-access encryption in order to protect the details of your contacts. Zero-access encryption means that the protected contact fields are encrypted in such a way that only you are able to decrypt and read them, not even ProtonMail can read them. In our new encrypted contacts manager, the protected contact details are shown within an area with a lock icon.
The addition of encrypted contact fields brings many security benefits. For example, if you are a journalist with a confidential source, it is very important to protect the phone number or address of that source. Using the notes field in contacts, you can also add other information about the contact that will be protected with zero-access encryption. In order to do email filtering, we do not use zero-access encryption for email addresses – doing so also does not significantly improve privacy because as an email service, we necessarily must know who you are emailing in order to deliver the message.
Digitally Signed Contacts
The new ProtonMail Contact does more than just protect contact data fields with zero-access encryption. We also utilize digital signatures to verify the integrity of contacts data. Digital signatures are used for all contact fields, including the email address itself, and are denoted by the ✓ icon.
The concept of digital signatures is technically complex, and is explained in more detail here, but in more simple terms, what digital signature verification does is provide a cryptographic guarantee that nobody (not even ProtonMail) has tampered with your contacts. Thus, you can be absolutely sure that the contacts data is precisely what you entered.
This is a big security benefit for many reasons. For example, if an attacker wanted to intercept the communications between you and a sensitive contact, one way to do it could be to secretly change the email address or phone number you have saved for that contact, such as changing john.smith@protonmail.com to john.snnith@protonmail.com, which might escape your notice. However, because ProtonMail contacts are now digitally signed, an attempt to tamper with your contacts would lead to the following error being displayed.
•Share This•
