ProtonBlog(new window)

How encrypted email works

Share this page

From holiday photos to our purchasing history to personal correspondences, our emails contain a great deal of sensitive information.

It is therefore vital to keep your inbox and messages secure. This is more difficult than it first appears, as email was invented and widely adopted in the early days of the internet before many of today’s security best practises were developed.

As with all digital content, the best way to keep emails secure is by using encryption — complex algorithms that prevent anyone from reading the content unless they have the correct encryption keys. 

In this article, we explain the different types of encryption that most email services use to protect your messages and what Proton Mail does to add an extra layer of security and privacy.

How email is encrypted

Most modern email services encrypt emails in two ways:

  • They use TLS/SSL encryption in transit. This is the same encryption used to secure HTTPS websites, and it is the backbone of all security on the internet.
  • They use symmetric-key encryption algorithms such as AES(new window) to store emails. Most email services apply this encryption when an email is stored on its servers. This means the provider holds the encryption keys, which it can use to access your emails for advertising purposes or in response to third-party demands.

Proton Mail also encrypts emails in transit using TLS and stores them on our servers using OpenPGP (described below), both using trusted open-source implementations of AES and RSA. 

However, we improve on the usual email encryption model in several key ways:

  • All messages sent between Proton Mail users are end-to-end encrypted (E2EE) so that no one except you and your intended recipient(s) can access their contents.
  • Support for OpenPGP encryption is built into Proton Mail(new window), making it easy to have E2EE conversations with non-Proton Mail users who use PGP.
  • We also offer a Password-protected Emails feature that allows you to send E2EE emails to anyone.
  • All emails — including non-E2EE emails you choose to send unencrypted to people who don’t use Proton Mail — are stored on our servers using zero-access encryption. This means we have no way to read your messages, scan them for advertising purposes, or hand them over to a third party.

End-to-end encrypted email

End-to-end encryption means the contents of your emails are encrypted on your device before being uploaded to our servers and can only be decrypted and read by the intended recipient. 

This is achieved using the OpenPGP(new window) email encryption standard, which uses public-key cryptography(new window) to securely transmit messages between individuals. Messages are encrypted with the recipient’s public key and can only be decrypted using their private key (which only they have access to). No one else (including Proton Mail) can access the contents of E2EE messages. 

OpenPGP encrypts the contents of messages and all attachments. The subject line and other metadata are not encrypted. To allow for advanced features (such as searching emails by subject line), Proton Mail’s end-to-end encryption works the same way.

End-to-end encryption for messages sent between Proton Mail users is automatic, and our integrated OpenPGP support makes it easy to send and receive PGP-encrypted E2EE messages to people that use PGP with other email providers. Proton also informs you when your messages are protected by E2EE with a small blue padlock (for other Proton Mail users) or green padlock (for OpenPGP users).

Learn more about how to check encryption status using lock icons(new window)

Additionally, we offer an Password-protected Emails feature that allows you to have end-to-end encrypted conversations with someone no matter what email provider they use. The recipient is sent an email telling them that an encrypted message is waiting for them on our servers. 

To read the message, they must log in using a password you have previously shared with them. Once they have read your message, they can reply with a message that is also end-to-end encrypted. 

Learn more about Password-protected Emails(new window)

Zero-access encrypted email

It is also possible to send and receive unencrypted emails to and from non-Proton Mail users. These are secured in transit to our servers using TLS encryption and are usually also secured in transit to the recipient’s email service’s servers using TLS (all major email services support TLS connections these days). 

Learn more about TLS encryption(new window)

How messages are stored on the recipient’s email servers, however, is up to their service.

All messages (incoming or outgoing) stored on Proton Mail servers, whether E2EE or not, are secured using zero-access encryption.

They are encrypted using your public key and can only be decrypted locally on your device(s) using your private key (which, for additional security, is itself encrypted(new window) using AES-256 and secured using a password that is hashed with bcrypt).

This means we cannot access the contents of any messages stored on our server.

Learn more about zero-access encryption(new window)

Open-source encryption

Making our apps open source provides transparency by allowing anyone to examine software code for issues. All Proton Mail apps are fully open source and have been independently audited(new window) by security professionals. 

We also only use trusted open-source cryptographic libraries to implement AES, RSA, and OpenPGP to secure your emails. 

In addition to this, Proton Mail is the official maintainer(new window) of OpenPGP.js(new window), the world’s most widely used JavaScript email encryption library, and GopenPGP(new window), a high-level OpenPGP wrapper library developed by Proton Mail.

Your email is secure with Proton Mail

Unlike most email services, Proton Mail views your data as something to protect, not exploit. That is why we apply zero-access encryption to all emails on our servers and make it easy to send end-to-end encrypted emails to both Proton Mail and non-Proton Mail users. 

At Proton, we want to make privacy on the internet the default for everyone, and we knew the most important place to start was fixing email. That’s why we developed Proton Mail. Developing zero-access encryption for stored emails and providing an easy way to send truly secure end-to-encrypted emails to anyone were the first steps toward giving everyone the tools they need to control their online data.

FAQ

What is end-to-end encryption?

End-to-end encryption (E2EE) means that you encrypt your own data on your own device, and only you and the intended recipient can access it. Thanks to this encryption, no one else can read your E2EE messages, including Proton Mail and the recipient’s email service.

What is zero-access encryption?

Proton Mail stores all emails — incoming and outgoing — on its servers using zero-access encryption. The message is encrypted using your public key and can only be decrypted using your private key, which only you possess. This means that while a message is stored on our servers, only you can access it.

Zero-access encryption only applies to messages stored on Proton Mail. If the person you wrote an email to does not use Proton Mail, their email service can likely read it. 

To send emails that are truly secure, even on other email services’ servers, you should use one of our end-to-end encrypted email options. 

What is OpenPGP?

OpenPGP is a popular and secure encryption standard used to secure emails. OpenPGP encrypts the body of emails and attachments. It does not encrypt the subject line and other metadata, such as when an email was sent or who the sender is.

What is TLS?

Transport Layer Security (TLS), the modern successor to SSL, is an encryption standard that allows asymmetric key exchanges using public-key cryptography (see main text above) to securely transmit data. TLS is most well-known for being the security layer for HTTPS, which secures connections to websites, but it is also used to secure emails in transit.

Learn more about HTTPS(new window)

What is AES?

The Advanced Encryption Standard (AES) is a symmetric-key cipher, which means that the same key used to encrypt the data is used to decrypt it. It does not provide any way to securely transmit the key, so AES is mainly used to secure data at rest. AES is often considered the de facto standard of symmetric-key ciphers, in large part because the United States government uses it to protect classified data.

What is ECDH?

Elliptic curve Diffie-Hellman (ECDH) is an asymmetric key agreement protocol used to secure encryption keys during a TLS key exchange. It uses the properties of a particular type of algebraic curve numbers to encrypt connections. Proton Mail also uses ECDH (over Curve25519) to secure OpenPGP key exchanges. 

Learn more about forward secrecy(new window)

Protect your privacy with Proton
Create a free account

Share this page

Douglas Crawford(new window)

Starting with ProPrivacy and now Proton, Douglas has worked for many years as a technology writer. During this time, he has established himself as a thought leader specializing in online privacy. He has been quoted by the BBC News, national newspapers such as The Independent, The Telegraph, and The Daily Mail, and by international technology publications such as Ars Technica, CNET, and LinuxInsider. Douglas was invited by the EFF to help host a livestream session in support of net neutrality. At Proton, Douglas continues to explore his passion for privacy and all things VPN.

Related articles

Can you password-protect a folder in Google Drive?
Protecting a folder with a password is a simple yet effective way of securing files. You may wonder whether you can password-protect a folder in Google Drive. We explain what access controls Google Drive offers and what you can do to improve your sec
Proton Pass now supports passkeys on all devices and plans
We’re excited to announce that Proton Pass supports passkeys for everyone, allowing you to manage and use passkeys across all devices seamlessly. Passkeys are an easy and secure alternative to traditional passwords that can help prevent phishing atta
what is a passkey?
Passkeys are a new way to secure your online accounts using cryptographic keys instead of passwords. They offer a high level of convenience and security, and are a real game-changer in the way we access and secure sites. What is a passkey, though, an
Apple’s marketing team has built a powerful association between the iPhone and privacy. The company’s ad campaigns claim that “what happens on your iPhone, stays on your iPhone.” And, “Privacy. That’s iPhone.” But Apple’s lawyers are telling a diffe
A cyberattack on national public employment service France Travail has exposed the personal data of as many as 43 million people.  The latest breach is the second major cybersecurity attack to happen in France in the past month, raising concerns abo
If I share a folder in Google Drive, can anybody see my other folders
Google Drive makes it easy to share files and folders, but you may have wondered at some point whether the people you’ve shared a folder with can see your other folders. We answer this question below and also share some tips for truly secure link sha
In 2014, Proton Mail was introduced as a web app, revolutionizing how we think about email privacy. Today, we’re excited to broaden the horizons of secure communication by launching the Proton Mail desktop app. Anyone can now use the new Proton Mail