Security News > 2022 > December > Google adds stronger encryption for some Gmail users, in beta

Google has added client-side encryption for some email customers, allowing enterprise and education Gmail users to send and receive encrypted messages.

It allows Gmail customers - not the cloud provider - to retain control over encryption keys, thus ensuring Google servers can't access the keys or decrypt customer data in the body of the email or delivered as an attachment.

"With CSE, clients use encryption keys that are generated and stored in a cloud-based key management service, so you can control the keys and who has access to them. For example, you can revoke a user's access to keys, even if that user generated them. Also, with CSE, you can monitor users' encrypted files."

Egad, did Apple do something right? End-to-end encryption for iCloud services Meta, Twitter, Apple, Google urged to up encryption game in post-Roe America Cooler heads needed in heated E2EE debate, says think tank Matrix chat encryption sunk by five now-patched holes.

Google already made client-side encryption available for Drive, Docs, Sheets, Slides, Meet and Google Calendar.

Google's client-side encryption announcement comes about a week after Apple said it will provide E2EE for most of its iCloud services.

News URL

https://go.theregister.com/feed/www.theregister.com/2022/12/19/google_client_side_encryption/