Eat your heart out, Russia

ProtonMail to use public key pinning in new anti-censorship feature

ProtonMail is to deploy a new feature in the coming weeks that aims to circumvent attempts to censor its services.

Both the mobile and desktop applications for the secure email provider will soon automatically evade any government, ISP, or corporate-imposed blocks through alternative routing that uses public key pinning.

ProtonMail services are not at present actively blocked anywhere, but its services have faced threat of censorship from Roskomnadzor, Russia’s communications regulator, in the past. Last November, ProtonMail was also briefly blocked in Belarus.

The Switzerland-based company will additionally offer prevention of blocking on its virtual private network apps, ProtonMailVPN.

“When this feature is released in the coming weeks, our apps will automatically detect when a connection might be subject to censorship, and try alternative paths to establish a connection to Proton servers,” a blog post by ProtonMail explains.

“While this method will not always succeed, in many cases it can be effective in bypassing certain blocks.”

Alternative routing

Alternative routing is the use of third-party infrastructure to transmit data. If ProtonMail has its infrastructure targeted by a block, it can borrow the network of Google, Amazon, or Cloudflare, in order to keep its services available, even in countries with censorship.

“All data transferred over third-party networks will remain encrypted at all times, just like the data that is transmitted via your ISP when you connect to Proton services regularly,” ProtonMail said.

“However, these third parties could see your IP address and the fact that you are trying to connect to Proton.”

“We’ve had to customize TLS encryption to make the alternative routing work,” the company added.

TLS (Transport Layer Security) is the encryption standard that facilitates communication between client and server across the web, allowing for secure connections under the HTTPS protocol.

This process relies on certificate authorities (CA) to validate the authenticity of servers, a process that can become a target of information requests by government and law enforcement.

“Because censors require this information to identify targets, we are using public key pinning instead,” ProtonMail explained.

“This provides equally strong encryption but can be problematic if our server is somehow compromised.”

Public key pinning reborn

Public key pinning (PKP) is designed so safeguard websites against certificate misissuance. The technology specifies a set of hashes of public keys that need to appear in the certificate chain for secure connections with a given domain to be allowed.

In 2017, Chrome depreciated the use of HTTP PKP (HPKP) from its websites due to low adoption, complexity and difficulties in configuring safe implementations. Firefox no longer recommends HPKP as a feature and also deprecated support for the technology.

“PKP certainly has advantages but also comes with a lot of things to consider, too,” security researcher Scott Helme, who has previously criticized the HPKP technology, told The Daily Swig.

“Organizations should only use PKP where they can demonstrate a clear need and technical capability to implement it properly.”

Helme said that ProtonMail’s uptake of PKP was appropriate but not “an indicator that other apps and services should necessarily be using PKP”.

“When you use PKP you make a commitment to say I will always use this particular key and only trust it’s me if I use this key,” Helme explained.

“If you then lose that key, say it’s accidentally deleted, then the client would no longer trust that you are you and refuse to connect.”

A ProtonMail spokesperson told The Daily Swig: “Presently, encrypted SNI does not have great device support, but we may be using it in situations where it is a viable option.”

ProtonMail has not released numbers for its active user base beyond saying it protects “millions” of accounts.

“While we have largely been able to overcome censorship and attacks, it’s imperative that we remain one step ahead of those who would seek to spy on people and restrict the freedom of information,” the company said in its blog post.

“Alternative routing is an additional capability which helps us ensure users can access our services.”

Users of ProtonMail apps will have the optional ability to switch off the alternative routing feature under the ‘Settings’ menu.

Alternative routing will not be made available for the ProtonMail website but will work on all mobile and desktop apps (both ProtonMail and ProtonVPN).


RELATED ‘It’s our mission to bring a secure intent to everyone, everywhere’