ProtonBlog(new window)
protonmail-openpgpjs-protonmail-security-audit

Proton Mail’s open-source encryption library, OpenPGPjs, has passed an independent security audit

Share this page

At Proton Mail, our goal is to make encryption as widespread and accessible as possible. We believe a key step toward that is having well-maintained, robust, and secure open source encryption libraries(new window). This is the goal of our efforts on the OpenPGPjs encryption(new window) library, which is today used by hundreds of applications (including Proton Mail) serving millions around the world. As the maintainer of OpenPGPjs, we are responsible for making sure the library is up to date and secure, as well as offering basic support to developers who wish to use it.

In March 2018, we released Version 3.0 of OpenPGPjs(new window). With this major update, OpenPGPjs is even more powerful, secure, and efficient. As part of this update, the OpenPGPjs developer community commissioned an independent security audit from the well-respected security firm Cure53(new window). Independent security audits are an important way to ensure there are no vulnerabilities that could be exploited by attackers.

Summer 2018 Security Audit Coverage

The version 3.0 release brought many new features and improvements, such as support for elliptic curve cryptography(new window) (ECC), which uses smaller signing and encryption keys compared with RSA cryptography(new window) (what Proton Mail uses now), making it a faster and more efficient alternative.

The new version also adds compression, which reduces the size of data before encryption to save space (and time) during encryption and transmission. OpenPGPjs now also offers support for AEAD(new window) (Authenticated Encryption with Associated Data). This protocol provides confidentiality, integrity, and authenticity guarantees on encrypted data, so that when you decrypt data, you can be sure this was the exact same data encrypted by your sender, and you can be sure that it was indeed encrypted by that sender. For those who are interested, you can find the full technical details of OpenPGPjs Version 3.0 here(new window).

The Cure53 team focused on a couple of these new features while also taking a closer look at some key aspects of OpenPGPjs’ crypto implementations. In particular, the audit focused on the following:

  • AEAD encrypted packets
  • EAX, GCM, OCB
  • CMAC
  • All cryptographic primitive implementations: AES, AES-EAX, AES-GCM, AES-CBC, ED25519, C25519, ECDSA, HMAC, P256, P384, P521, SECP256K1
  • Prime number handling
  • Date support in signatures
  • Cryptographic API exposure via different providers

OpenPGPjs Audit Results

We are pleased to receive a highly positive result from the audit. No major issues were discovered. In their summary, Cure53 provided the following feedback(new window):

“Tested cryptographic implementations were top notch and excellent quality given the platform. The only limitations come from the platform itself (JavaScript/web), which do not allow for side channel resistance or reliable constant time operations. Overall however this is an exceptional library for JavaScript cryptography.”

As OpenPGPjs forms the foundation of Proton Mail’s encryption, this result provides extra certainty that Proton Mail’s cryptography is properly protecting users as intended. Working with the open source community is an important part of what we do at Proton Mail, and we will continue to build out the OpenPGPjs library. We are grateful to the Proton community for supporting us in these efforts.

Sign up and get a free secure email account from Proton Mail.

We also provide a free VPN service(new window) to protect your privacy.

Proton Mail and Proton VPN are funded by community contributions. If you would like to support our development efforts, you can upgrade to a paid plan or donate. Thank you for your support!

Protect your privacy with Proton
Create a free account

Share this page

Irina Marcopol(new window)

Irina is one of Proton's longest-serving team members, charged with strengthening and growing our brand and the Proton community. With a background in visual design, events management, and digital marketing, she strongly supports the protection of private data and contributes to building a better internet for generations to come.

Related articles

How to share a PDF
Sharing a PDF with coworkers, friends, or family members can sometimes be trickier than it seems if you’re trying to share a large file or if you want to use secure encryption. In this article, we show you how to share any PDF quickly, easily, and se
Proton Pass for Windows
Proton Pass is launching its new app for Windows, allowing you to access our password manager from your desktop. As one of our community’s most requested features, it’s available to everyone starting today. Proton Pass is the centerpiece of our effo
password policy
Businesses are increasingly dealing with the fallout from cybercrime: The number of attacks is on the rise and the damage done is growing exponentially. One of the most common vulnerabilities for organizations are their passwords. Since they are your
How to free up disk space
If you’ve ever owned an electronic device of any kind, you know the struggle of running out of space. No matter if it’s a smartphone, laptop, or desktop computer, there never seems to be enough room for all your files. Let’s show you some simple ways
What is 3-2-1 backup
Data backup is vital for businesses and individuals alike: In case something happens to your primary computer, you always have a copy of your data to fall back on.  How should you approach backup, though? The 3-2-1 rule can act as a guide when decid
What was your first pet’s name? In what city were you born?  We’ve all had to answer these questions to reset a long-forgotten password, but consider how that works. Much of this information is easy to find for others (or easily forgotten by you), m