This is necessary because, as soon as quantum computers exist, all currently encrypted emails can be decrypted afterwards.
"We expect, as do other cryptography experts, that in a few years quantum computers can be built that can break widely used encryption algorithms. As a result, even data that is intercepted and stored today could possibly be easily decrypted in 10-15 years," explains Prof. Sascha Fahl of L3S.
Since we know that, for instance, secret services copy and store large amounts of data, it is essential to secure confidential information from future attack vectors such as quantum computers.
So far, there are very few applications that use quantum-safe encryption and there is no implementation for emails yet. Since emails in particular are so important for professional, confidential communication, it is crucial that we find a secure solution here as quickly as possible. More and more business emails are encrypted end-to-end. This confidential communication must remain confidential in the future.
The particular challenge of the project is that the encryption algorithms must be secure but also perform well. Encryption must be performant in the browser, in desktop clients as well as on mobile devices via Android and iOS App, so that even older devices with low memory and computing power can perform the encryption and decryption.
The PQmail project - "Development of a post-quantum encryption for secure email communication" - is supported by EU funding. Together with the team USEC around Prof. Sascha Fahl we plan to integrate the quantum secure encryption into the email client Tutanota to get a usable prototype of quantum secure email ready for the public.
With the introduction of post-quantum encryption in Tutanota, emails can be encrypted in such a way that they cannot be decrypted by quantum computers in the future. This means that confidential communication cannot be read by third parties in the future either. This is also important for companies who want to protect their emails against industrial espionage or malicious attacks.
The project comprises several steps before quantum computer resistant encryption algorithms can be used in Tutanota:
As soon as the quantum secure encryption is implemented in Tutanota, anyone can use it for free. This will increase email security enormously in the long run.
Here is more information on why we need quantum-resistant cryptography now.