Revelations about American surveillance of the Internet have heightened interest in security and people have become very conscious about internet privacy. Yahoo and Google both have announced that they have been doing work on software through which people could share encrypted emails easily.
ShadowCrypt – A Prototype Extension:
A browser extension prototype called ShadowCrypt has been created by the collaboration of University of Maryland and University of California at Berkeley, researchers. This extension allows easy sending and receiving of encrypted text online at social platforms like Facebook, Twitter or any website.
With ShadowCrypt, the person who sends an email or tweet as well as the person for whom it is meant can see normal text. A website operator or any other person intercepting this message would view a garbled text of numbers and letters.
This extension has been created to demonstrate that it can become easy for the public to use strong encryption techniques which are compatible with social networks also. Devdatta Akhawe, the security engineer of Dropbox has helped develop this extension ShadowCrypt as he is also studying at Berkeley. Akhawe with his colleagues have tested ShadowCrypt with 17 popular websites and it worked flawlessly on at least 14 of them. The list of successful websites tested with this extension includes Gmail, Twitter and Facebook.
First software for encryption released was named PGP, in 1991. It was however quite difficult to use. Generally existing options for encryption for messaging either require changeover to a completely new service, like Silent Circle or are not user friendly.
ShadowCrypt, however can be used on all existing browsers. All one needs to do is install this browser extension and then make keys for encryption specific to every website. A small icon shaped like a padlock in the bottom corner of all text boxes will indicate that ShadowCrypt encryption is in use.
How it Works:
Access can be provided to other people for reading the encrypted text. For this sharing of the encryption key will be required. The authorized user would include this key into their settings of ShadowCrypt and the text will appear normal and readable. For a single website, it is possible to create multiple keys and choose which one to be used. For instance, a unique key could be used for every person to send an email to.
ShadowCrypt is in its research phase; however Justin Troutman, a cryptography researcher says that its design shows a unique and useful approach towards online security. It is the first extension which allows people to opt for securing their data and it is all in their control which data to encrypt and which to not. In the past the data protection was only limited to service provider servers.