Security guru and privacy campaigner Phil Zimmermann could finally fulfil the commercial potential of his famous PGP encryption software of the 1990s with the news that his Silent Circle startup has added email encryption to its roster of products.
Launched last year mainly as a premium security suite for businesses and individuals that view personal communications security as a must rather than an expense, Silent Circle already offers secure document transfer and encrypted video, voice and SMS text on desktops and mobiles.
Silent Mail, the long-promised element to encrypt email and attachments, can now be integrated with a range of POP and IMAP-compatible desktop and mobile email (Outlook, Android and iPhone) clients to complete the list.
A key selling point of the system is that it does not interfere with the user’s email environment and makes end-to-end encryption between other enrolled users transparent.
In the default option, the public key encryption is managed through a hosted Universal encryption server (reportedly located in Switzerland and Canada), a departure from the company’s peer-to-peer model in which users look after their own keys.
The reason for this is to offload complexity; having to obtain certificates and cobble together working email encryption using a separate client are some of the stumbling blocks that stopped Zimmermann’s Pretty Good Privacy (PGP) from becoming more widespread beyond a hardcore of techies in its heyday twenty years ago.
The firm said it was working on a “solution” that would allow users to manage their own keys without being asked to do a computing science degree first. This is promised for the future.
“Resolving the problem of having an easy-to-use email system that keeps the keys in the customers' hands is our top priority,” said the product FAQ.
If Zimmermann and his software partner Jon Callas can solve this problem it will have taken Zimmermann back to his PGP past in a poignant way, combining conventional email with the sort of absolute key security paranoiacs long for.
For some people, this extra dimension is important. Just because you’re paranoid doesn’t mean they’re not out to steal your keys.
Individual Silent Mail users will are given a @silentcircle email address enterprise can use their own domain if they buy more than ten accounts. Each user gets a 1GB inbox limit.
Silent Circle costs $240 (£160) per year.