What is Key Transparency?

Key Transparency for email is a new advanced security feature for Proton Mail that is based on blockchain technology. 

To keep your information safe, Proton Mail applies end-to-end encryption (E2EE) automatically whenever you email contacts who also use Proton Mail. 

This encryption relies on public key cryptography, which consists of key pairs: a private key and a public key. When you send an email to someone who also uses Proton Mail, the app on your device will automatically encrypt it using their public key, which the app retrieves from Proton’s servers. That person’s Proton Mail app then decrypts your email on their device using their private key. 

Depending on your threat model, you might want to make sure you’re emailing the person you intend to by verifying their public key.

While you may have already used our address verification feature to check public keys, we’ve now made this process easier and more accessible for those who need it, whether you’re a public figure, a high-profile organization, or simply concerned about your security. Proton Mail’s new key verification feature automatically checks your contacts’ public keys, so you can be sure you’re emailing the people you intend. Based on a cryptographic concept known as Key Transparency, it lets you check the status of your keys and those of your contacts using the web version of Proton Mail.

For more details, read the Proton Key Transparency Whitepaper

It works as follows: Your Proton Mail client (for now, our web app) checks if the public key retrieved from the server matches the one in the auditable Key Transparency directory which is stored on a private blockchain. This ensures that your Proton Mail client encrypts your message with the correct key and thus sends your email to your intended recipient.

Public keys aren’t directly published in a directory. Instead, we use hashed results of Proton Mail addresses and their public keys to protect your privacy.

Please note that this feature is currently in beta. Certain functionality is still being developed and refined. 

Also note that even though Proton’s Key Transparency feature leverages blockchain technology, there is no public blockchain, token, or cryptocurrency associated with this feature in its current form.

• How to verify your and your contacts’ keys
• How to verify your contact’s keys using the composer
• Frequently asked questions

How to verify your keys and your contacts’ keys

Periodically, Proton Mail will run an audit to verify that your keys and your contacts’ keys are consistent with what was published in the Key Transparency directory.

To view more information about your and your contact’s public keys, you can check the results of this audit. 

To enable Key Transparency

1. Sign in to mail.proton.me(nouvelle fenêtre) using your Proton Account username and password.

2. Go to Settings → All settings → Proton Mail → Encryption and keys and toggle the Verify keys with Key Transparency switch on. 

To verify public keys

Sign in to mail.proton.me(nouvelle fenêtre) and go to Settings → Key verification (at the bottom of the quick settings panel).

You can now check:

• If key verification was successful for your own addresses
• If key verification detected an issue for your own addresses or your contacts who use Proton Mail

In the rare scenario when Proton Mail detects an issue with your or your contacts’ keys, you may see one of the following messages:

1. Proton Mail detected that changes you made recently to the keys of this address have not been properly applied — In this case, Proton Mail will prompt you to resolve the key issue in your key settings.
2. Proton Mail detected that keys used in the past for this address might not be authentic — In this case, Proton Mail will give you the fingerprint of the public key in question (a unique string of letters and numbers), which you can compare with the fingerprint the recipient sees in their account. If the fingerprints match, you can be certain your mail was delivered without being tampered with.
3. Proton Mail could not verify some changes made to this address’s keys in the past — This might be due to a recent key deletion or a password reset.
4. This address has been disabled and re-enabled recently. While it was disabled, data shared to this address might not have been encrypted with your keys. 

Note that this screen will not list your contacts’ addresses that successfully passed key verification — it will only inform you when it detects an issue.

How to verify your contact’s keys using the composer

You can easily verify your contact’s keys when you send them a message. Using the Proton Mail web app, open the composer and enter the address of the contact you’d like to send a message to. 

If Proton Mail successfully verifies their public key, you will see a blue lock icon next to their email address, and a tooltip that says End-to-end encrypted when you hover over it. 

If Proton Mail detects an issue with your contact’s keys, you will see a red warning icon next to their email address, and sending messages to this address will be disabled for your security.

Learn more about Proton Mail’s lock icons 

Note, it is possible for Proton’s Key Transparency system to give false positives, particularly since the feature is still in beta. If you have questions about Key Transparency or are not sure if you have encountered a false positive, please reach out to our support team.

Frequently asked questions

Is Key Transparency available on Proton Mail’s mobile apps?

Key Transparency is currently a beta release and is only available on the Proton Mail web app. It may come to our mobile apps at a later date.

Will Key Transparency only work with my contacts who have also enabled it?

Key Transparency works with all your Proton Mail contacts who use the web version of Proton Mail. They don’t need to enable the feature. Enabling Key Transparency simply lets you check the status of your public keys and those of your contacts.