**⇄ Σ = Mᄃ² ⇆** @[email protected] · Mar 13, 2024, 05:08

**⇄ Σ = Mᄃ² ⇆** @[email protected] · Mar 13, 2024, 05:08

⇄ Σ = Mᄃ² ⇆ @[email protected]

Mar 13, 2024, 05:08

Tuta Mail is an open-source end-to-end encrypted email service with ten million users. Its creator, Tuta, is based in Germany, where it's involved in developing post-quantum secure cloud storage and file-sharing solutions for the government.

https://tuta.com/blog/pqdrive-project

Today, Tuta announced the launch of TutaCrypt, a new protocol designed to protect currently exchanged communications from 'harvest now, decrypt later' attacks.

https://tuta.com/blog/post-quantum-cryptography

**⇄ Σ = Mᄃ² ⇆** @[email protected] · 2024-03-13T05:09:44Z

⇄ Σ = Mᄃ² ⇆ @[email protected]

"With TutaCrypt we are revolutionizing the security of emails. For the first time, people can now send and receive emails that are encrypted so strongly that not even quantum computers will be able to break the encryption and decipher the messages," stated Tuta's CEO, Arne Möhle

New Tuta Mail accounts will get TutaCrypt upon creation, and existing users will get the superior protocol through a gradual key rotation that will take place over the next period.

#CoSoSec

Mar 13, 2024, 05:09 · 2· 0· 2

**MookyTroubadour** @[email protected] · Mar 13, 2024, 05:29

**MookyTroubadour** @[email protected] · Mar 13, 2024, 05:29

Mar 13, 2024, 05:29

MookyTroubadour @[email protected]

@ecksmc who needs quantum computers when you can just get a bad apple onboard at Tuta?

**⇄ Σ = Mᄃ² ⇆** @[email protected] · Mar 13, 2024, 06:13

**⇄ Σ = Mᄃ² ⇆** @[email protected] · Mar 13, 2024, 06:13

Mar 13, 2024, 06:13

⇄ Σ = Mᄃ² ⇆ @[email protected]

@MookyTroubadour what like an employee could read your mail?

i don't get what you are employing a bad apple could do

you could have a bad apple at them like signal or proton or Apple google etc.....🤷‍♂️

**MookyTroubadour** @[email protected] · Mar 13, 2024, 07:16

**MookyTroubadour** @[email protected] · Mar 13, 2024, 07:16

Mar 13, 2024, 07:16

MookyTroubadour @[email protected]

@ecksmc I was thinking more about who has access to the keystore.

**⇄ Σ = Mᄃ² ⇆** @[email protected] · Mar 13, 2024, 07:28

**⇄ Σ = Mᄃ² ⇆** @[email protected] · Mar 13, 2024, 07:28

Mar 13, 2024, 07:28

⇄ Σ = Mᄃ² ⇆ @[email protected]

@MookyTroubadour

when a user registers a secure Tutanota email account the client automatically generates a private and a public key locally on their device. The private key is encrypted with the help of the user’s password before it is transmitted to Tutanota’s servers.

like all E2E services

End-to-end encryption relies on the endpoints' security — the devices used by the sender and recipient — to encrypt and decrypt the data.

**⇄ Σ = Mᄃ² ⇆** @[email protected] · Mar 13, 2024, 07:30

**⇄ Σ = Mᄃ² ⇆** @[email protected] · Mar 13, 2024, 07:30

Mar 13, 2024, 07:30

⇄ Σ = Mᄃ² ⇆ @[email protected]

@MookyTroubadour

If either endpoint is compromised through malware, hacking, or physical access, it can undermine the effectiveness of end-to-end encryption.

Basically there are two keys. One key is used for decrypting emails, while the other is exclusively for encrypting them. they possess only the second key.

They can not use the second key to decrypt your emails...