Users of the encrypted email service ProtonMail looking for an extra layer of security now have the option of accessing their inbox directly through the Tor network. ProtonMail, originally developed by CERN and MIT scientists, announced Thursday it had added its own Tor hidden service.
According to a blog post from Andy Yen, the service’s co-founder and chief executive officer, users can access ProtonMail on Tor, assuming it’s been properly configured, at https://protonirockerxow.onion.
While ProtonMail is already encrypted by design, Yen points out that users may want to route their traffic through Tor as a means to prevent a hacker from eavesdropping on their connection. The main goal of launching the hidden service, Yen claims, is to make the service more resistant to censorship and surveillance.
“Tor applies extra encryption layers on top of your connection, making it more difficult for an advanced attacker to perform a man-in-the-middle attack on your connection to us. Tor also makes your connections to ProtonMail anonymous as we will not be able to see the true IP address of your connection to ProtonMail,” Yen wrote.
According to the blog post, ProtonMail conferred with Roger Dingledine on the .onion site. Dingledine developed Tor and currently serves as the service’s research director and president.
As ProtonMail was able to acquire a certificate from the CA DigiCert, the .onion site exists only on HTTPS, meaning users should see a green bar in their browser upon navigating to the site.
Developers with the service acknowledge that while the concept of using HTTPS for an onion site may sound redundant to some, it was a necessary step.
If Tor were ever compromised, Yen claims, having HTTPS enforced by default would protect users. Vice versa, if a certificate authority were ever compromised, or HTTPS were ever cracked, Tor could help safeguard users.
“The notion of HTTPS being compromised is one that we take seriously, considering that there are hundreds of CAs (certificate authorities) that are trusted by default, with many of them under direct government control in high risk countries,” Yen wrote.
Yen goes on to say that the way the site is put together should make it more resistant to phishing.
The company used some spare computational power it had to “generate millions of encryption keys” which it then hashed to generate a more “human readable hash” for the URL. Yen is still asking users to double check that they’re on the right site – most importantly that it has an SSL certificate issued to Proton Technologies AG – before entering their credentials.
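The search Yen describes works because a (v2-era) .onion label is nothing more than a hash of the service's RSA public key, so a service can only pick a readable name by generating keys until one hashes the way it wants. The following is an added example, not ProtonMail's or Tor's own code: it derives the label from a key exactly as the Tor v2 scheme does (SHA-1 over the PKCS#1 DER public key, first 80 bits, base32), and shows the defender-side check of recomputing a label from a key. The modulus and exponent used are constructed toy values, not a real service key.

```python
import base64
import hashlib
import re

# Constructed toy RSA parameters for demonstration only; NOT a real Tor service key.
TOY_N = 0xB1
TOY_E = 65537


def der_length(n: int) -> bytes:
    """DER length octets: short form below 128, long form otherwise."""
    if n < 0x80:
        return bytes([n])
    octets = n.to_bytes((n.bit_length() + 7) // 8, "big")
    return bytes([0x80 | len(octets)]) + octets


def der_integer(value: int) -> bytes:
    """Encode a non-negative integer as a DER INTEGER (tag 0x02)."""
    body = value.to_bytes((value.bit_length() + 7) // 8 or 1, "big")
    if body[0] & 0x80:  # leading 0x00 keeps the two's-complement value positive
        body = b"\x00" + body
    return b"\x02" + der_length(len(body)) + body


def der_rsa_public_key(n: int, e: int) -> bytes:
    """PKCS#1 RSAPublicKey ::= SEQUENCE { modulus INTEGER, publicExponent INTEGER }."""
    inner = der_integer(n) + der_integer(e)
    return b"\x30" + der_length(len(inner)) + inner


def onion_v2_address(n: int, e: int) -> str:
    """v2 .onion label: base32 of the first 80 bits of SHA-1 over the DER public key."""
    digest = hashlib.sha1(der_rsa_public_key(n, e)).digest()
    return base64.b32encode(digest[:10]).decode("ascii").lower()


def is_v2_onion_label(label: str) -> bool:
    """16 base32 characters is the only shape a v2 label can have."""
    return re.fullmatch(r"[a-z2-7]{16}", label) is not None


def key_matches_address(n: int, e: int, onion: str) -> bool:
    """Verification step: does the published key really produce the advertised label?"""
    label = onion[:-6] if onion.endswith(".onion") else onion
    return onion_v2_address(n, e) == label


def pick_readable(candidates, prefix: str):
    """The brute-force idea from the article: keep keys whose label starts with a chosen prefix."""
    return [(n, e) for n, e in candidates if onion_v2_address(n, e).startswith(prefix)]
```

Because the label is a truncated hash, a lookalike address can differ in a few characters while still being "valid", which is why the article's advice to check the certificate subject rather than eyeballing the URL matters.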
Yen points out that the site is experimental, so it may take longer to reach and users’ experiences may vary. Nevertheless, he is still encouraging ProtonMail users who value their privacy to seek it out.
It was over two years ago that DigiCert issued an .onion SSL certificate to Facebook for its own hidden service. The move, at the time, was a milestone; it marked the first time a CA had issued a legitimate SSL certificate for an .onion address.
The move was a success. Over the course of 30 days this past summer, one million people accessed the site over Tor.
Following Facebook’s hidden service news, the CA said it was mulling opening up the way it issued .onion domain certificates. Jeremy Rowley, then DigiCert’s vice president of business development and legal, said the company believed there was value in providing SSL and TLS security for Tor, but only if the right security controls were in place. The company went on to issue HTTPS .onion certificates for Blockchain.info and the Intercept’s SecureDrop installation in the months following.