Send secure encrypted and signed emails in ONE (and a half) step.

The main goal of this project, in a form of online application, is to simplify the whole process of writing and sending encrypted and/or signed email messages as much as possible.

So, you would like to send a email? But first:

ENCRYPTION, why is it so important?

Fun fact 1:

Did you know that, even if we assume that you are the only one who has access to your email account and the person you are sending the email is the only one who can access his email account, administrator of the mail server you are using will be able to read your message because it is stored on the server in plain text format (at least by default)?

Fun fact 2:

Even if mail server administrator of your server is a good guy and doesn't want to mess with other people's privacy, your email message passes thru many different servers on the Internet before it reaches its final destination. Any server administrator on any of those servers can read your email.

Fun fact 3:

Even if all mail server administrators on all mail servers are good guys and don't want to mess with other people's privacy, sometimes they can not refuse to provide data about your email account activity, including your email messages, to some government authority if they request it. Now, if I'm a known criminal it would be fully justified to provide an access to my email messages, but I do not like the idea that someone can jeopardizes my privacy by reading emails that I send, for example, to my mistress, just because he works in some government agency (maybe he likes my mistress and wants her for himself).
[Just to be clear, I, in no way, support infidelity, nor do I accuse governments of being irresponsible, but we do not live in a perfect world.]

E-mail protocol is not made to be safe and protect privacy, but there are ways to make things better.

Existing online solutions:

There are (were) some online services that provide some kind of email server encryption. Example, they do not store emails in plain text format, they encrypt emails before sending them from one server to another. But they have (at least) one decisive flaw. In one way or another, they store data used in encryption/decryption process on their server, so, even if your message is not readable to all mail servers it passes thru, it can be decrypted using data stored on main server it was sent from. In other words, email can be decrypted using data that are available on the location (server) that you do not control (you can not control who can have access to it, and at least one man must have access to it - server administrator). It is safer, but not safe enought.

There are (were) some online services that provide you a way to encrypt your emails by using a secret key. These kind of symetric encryptions are usually fast and very strong, but these services also have one decisive flaw. In order to be able to decrypt message, one must be in posesion of the same secret key that was used for message encryption. And there you have a problem. How to deliver secret key to message recipient? You can send him an email with that key, but, wait, then your email (and the key) is visible to many (see Fun fact 1-3). I guess you can call him by the phone, but what if he lives in a galaxy far far away? And we are back to the start.

What makes this project better?

1. You can use any email provider that supports imap protocol (public, example gmail, or your own, example imap.my_beautiful_website.com).

2. All encryption/decryption/signing operations are done on local (client) computer.

3. Email message sent from your computer to mail server is already fully encrypted.

4. Even if you give access to your account to someone, he can not read your encrypted email.

5. Even mail server administrator can not read your encrypted email, because there are no data used in encryption proccess stored anywhere else, except on your local computer.

SIGNING, why is it so important?

Fun fact 4 (related to Fun fact 1):

While it is wellknown that anybody who has password to your email account can write emails in your name, the fact that your mail server administrator can do that may not be so obvious.

Fun fact 5 (related to Fun fact 2):

Your email message passes thru many different mail servers on the Internet before it reaches its final destination. Any server administrator on any of those servers can change your email.

[There is also a thing called email spoofing that I will not cover here.]

When you use digitally signed messages you can be sure that:

1. The author of the message is the user who signed it.

2. The message was not changed during the transfer from sender to the receiver.

3. The author can not deny that he wrote the message.