Thankfully, both services have applications for Android and iOS. ProtonMail is based in our browser, and although browser security has gotten much better in the last decade or so, browsers are still less secure than a local application. Past that, Tutanota has another security advantage over ProtonMail: dedicated applications. Also, PGP doesn’t have an option for perfect forward secrecy, meaning if someone can compromise a past session, they can compromise a future one, too. There’s no way around it, and no matter if you’re using Hushmail or Gmail, your subject lines won’t be encrypted with PGP. The largest issue with PGP right now is that it doesn’t encrypt the subject line. There are a few distinguishing factors, though. It’s still built on the same recognized algorithms and, on a technical level, it functions much in the same way as PGP services. The difference is that Tutanota doesn’t use OpenPGP - or PGP at all, for that matter. It uses RSA for user-to-user communications and AES for user-to-non-user communications. ![]() Starting with ProtonMail, it’s an OpenPGP service, utilizing the long-standing email encryption standard: RSA for messages between users and AES for messages from a user to a non-user (read our description of encryption for more). Tutanota and ProtonMail take fundamentally different approaches to email security, despite the fact that the end result is mostly the same.
0 Comments
Leave a Reply. |