Careful Selection of the E‑Mail Mailbox Provider

Secure Encryption for Dispatch and Storage

You entrust everything to your e‑mail inbox: You receive new passwords and some business partners send you confidential documents unencrypted. In the associated address book you store contact data and other personal information. These must not get into the hands of strangers!

End-to-end encryption (E2EE) has unfortunately still not become established among the population. Mails are usually transported unencrypted if the sender and recipient use different providers. Even then, it is worthwhile to use a secure mailbox provider, because then e-mails are at least securely encrypted after receipt. I introduce a provider who takes the complicated encryption off customers' hands. At first I listed two more mailbox providers, but because they use the now outdated PGP encryption standard and because this standard has several weaknesses, I would rather recommend a provider that does it better.

Introduction: Tuta

Tutao GmbH was founded in November 2011 and has been on the market with its product Tutanota since March 2014. The Tutanota brand was renamed Tuta on 7 November 2023.
Tuta is ideally suited for both private and business use and is the only provider of an end-to-end encrypted contact form for website operators!

Why no more Recommendation for Mailbox Providers with PGP?

Current encryption standards like PGP and S/MIME have weaknesses which Tuta avoids.

These standards do not support Perfect Forward Secrecy (PFS) and are not resistant to quantum computers.

Furthermore, the subject of e‑mails should be encrypted. Therefore, the Tuta team has developed a solution based on recognized algorithms (RSA and AES) that automatically encrypts subject, content and attachments.
In the future, it is planned to replace these algorithms with quantum-resistant algorithms.

More facts about Tuta on the next page …


Blog by Matthew Green, cryptographer and professor at Johns Hopkins University, Baltimore, Maryland, USA

Keyword list: AES, Blog, E-Mail, E2EE, End-to-end encryption, IT, Mailbox, PFS, PGP, Providers, Service, Storage, Tutanota, Website, Who, why

Last edited: