SEED: Searching Encrypted Email Dependably. A design specification for secured webmail

Webmail services are a convenient, internet-based access point for email management. A webmail user must trust the service provider to honor the user’s individual privacy while accomodating their email contents. Webmail users are increasingly conscious of the risk to their privacy as many webmail services have fallen victim to cyberattacks where unwanted observers have exploited server vulnerabilities to steal user private data. The relationship of trust between webmail provider and webmail user has been further called into question with the reveal of NSA snooping of user email, often with the tacit approval of the webmail provider. We augment a modern webmail service with end-to-end encryption of user email data. Our system, SEED, is designed to respect the original functionality of the webmail service. Most notably, we enable search of encrypted message bodies using the webmail service’s built-in search engine. With an ancillary web browser extension called SEED add-on, the user is able to manage email in the webmail client while decrypting sensitive email information in a separate local process. The browser extension manages the user’s encryption keys and decrypts email ciphertext automatically such that the user remains ignorant of the underlying cryptographic implementation as they browse their email. Built upon Gmail, SEED stores a user’s email data on Google’s remote servers and guarantees that Google is unable to interpret it. When managing their email, the user still enjoys the full capabilities of the Gmail web client, including composing, reading, and robustly searching email by message metadata. The user is able to do all of this without revealing their usage habits to Google. The user is able to do all of this without revealing their emails to Google. Using SEED, the user benefits from the conveniences of webmail and preserves the integrity of their private information stored online.