1

I started using ProtonMail, which is an encrypted mail service, assuming it works flawlessly between ProtonMail users. My question is: how does a Gmail user decrypt my message without having my public ProtonMail key?

Does Gmail then use the public key from one of the distributed public key servers to decrypt the message? How does this work?

WiredTheories
  • 237
  • 2
  • 6
  • A public key is used to encrypt messages/data; the private key is used to decrypt. – pm1391 Feb 01 '18 at 22:57
  • This much knowledge I have as well. How does the recipient decrypt the mail without knowing the public key of the sender. – WiredTheories Feb 01 '18 at 22:58
  • This will speak to the specifics of Protonmail. https://security.stackexchange.com/questions/58541/how-are-protonmail-keys-distributed?rq=1 – pm1391 Feb 01 '18 at 23:08

3 Answers

1

When you send from ProtonMail to Gmail you have 2 options: send a normal email or send an encrypted email.

If you send a normal email it's not encrypted, and Gmail can read and display it.

If you send an encrypted email to Gmail, you set a password for that particular message and ProtonMail will send a link to the Gmail recipient.

This link will take the recipient to a page on ProtonMail where they are asked for the password, and then the message is decrypted locally, in the recipient's web browser, and displayed to them.

Jason S.
1

It really depends on the recipient, because if the recipient doesn't support your protocol then you can't really do much. For example, Gmail can use protocols like S/MIME or TLS depending on the compatibility and on how secure the connection between the sender and the recipient is.

However, if you do not have a good secure connection then it's likely that your messages are unencrypted. In ProtonMail you have the option of sending mails with symmetric encryption, so even if the connection is compromised the message is still encrypted, where both the sender and the recipient know the shared key.

oglox
0

Because the public key of the sender is not needed to decrypt a message.

The sender:

  • signs using their own private key
  • encrypts using the recipient's public key

The recipient:

  • decrypts using their own private key
  • verifies signature using the sender's public key

So if you have someone's public key and send that person a message using that key, that person will be able to decrypt it. Assuming you signed it using your private key, they will not be able to verify that it came from you, because they don't have a public key to check against, but they will be able to read it. If they do have your public key, they will need to decrypt the message before they have need of it.

Law29
  • From where does the sender get the "recipient's public key"? – WiredTheories Feb 02 '18 at 09:08
  • Any method at all! By uploading to a keyserver where people can request the key associated with an e-mail (with their fingerprints; lots of people put their fingerprints in their e-mail signatures so that one can check that the keyserver key corresponds), by extracting the key from the signature of a signed-but-not-encrypted mail, by meeting in person and exchanging the files... However, reading the answer from @jason-s, it seems that ProtonMail is not actually using asymmetric cryptography. I don't know ProtonMail so I can't comment. – Law29 Feb 04 '18 at 10:48
  • Then that makes this entire answer irrelevant to the question. – NH. Feb 01 '19 at 16:13
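The sign-then-encrypt flow described in the last answer, as a constructed example added here (not ProtonMail's code or any project's API): the recipient decrypts with only their own private key, and the sender's public key is needed only for the optional signature check. `Envelope`, `Send` and `Receive` are hypothetical names, and both key pairs are generated in place rather than fetched from a keyserver.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"fmt"
)

// Envelope is a constructed wire format: the ciphertext plus the sender's
// detached signature over the plaintext.
type Envelope struct {
	Ciphertext []byte
	Signature  []byte
}

// Send signs with the sender's private key, then encrypts for the recipient
// using only the recipient's public key (hypothetical helper, not ProtonMail's).
func Send(senderPriv ed25519.PrivateKey, recipientPub *rsa.PublicKey, msg []byte) (Envelope, error) {
	sig := ed25519.Sign(senderPriv, msg)
	ct, err := rsa.EncryptOAEP(sha256.New(), rand.Reader, recipientPub, msg, nil)
	if err != nil {
		return Envelope{}, err
	}
	return Envelope{Ciphertext: ct, Signature: sig}, nil
}

// Receive decrypts with the recipient's own private key. The sender's public
// key is optional: without it the message is readable but cannot be verified.
func Receive(recipientPriv *rsa.PrivateKey, senderPub ed25519.PublicKey, env Envelope) ([]byte, bool, error) {
	pt, err := rsa.DecryptOAEP(sha256.New(), nil, recipientPriv, env.Ciphertext, nil)
	if err != nil {
		return nil, false, err
	}
	if senderPub == nil {
		return pt, false, nil // decrypted, signature unchecked
	}
	return pt, ed25519.Verify(senderPub, pt, env.Signature), nil
}

func main() {
	senderPub, senderPriv, _ := ed25519.GenerateKey(rand.Reader)
	recipientPriv, _ := rsa.GenerateKey(rand.Reader, 2048)
	env, _ := Send(senderPriv, &recipientPriv.PublicKey, []byte("hello from a ProtonMail user"))
	pt, ok, _ := Receive(recipientPriv, nil, env) // recipient lacks the sender's key
	fmt.Printf("%s (verified=%v)\n", pt, ok)
	pt, ok, _ = Receive(recipientPriv, senderPub, env) // recipient has the sender's key
	fmt.Printf("%s (verified=%v)\n", pt, ok)
}
```

A signature made with some other key (or a tampered plaintext) fails `ed25519.Verify`, so the recipient learns the message is readable but not attributable.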