Today, we are launching something special called Skizzle.
Skizzle is the most secure way to share files over email, with end-to-end encryption and backed by blockchain. Before we talk about why we built this and what makes it special, let’s go over where we are at today with encryption, or even what it means to the end-user. Skip to Part 2 if you just want to know more about skizzle.
If you mail a letter to your friend, you’re hoping that she’ll be the only person who reads it. But a lot could happen to that letter on its way from you to her, and there may be prying eyes who try to read it. That’s why we send important messages in sealed envelopes rather than on the back of postcards. Sending and receiving email works in a similar way. But when you send or receive messages with an email provider who doesn’t transmit messages via a secure connection, your emails could be open to snooping.
Unencrypted email can be read and modified by anyone between the sender and final receiver. A growing number of email providers are working to encrypt email messages in transit, between your computer and the server it is stored on, with a security protocol called transport-layer security (TLS), it is harder for others to read what you’re sending. But it doesn’t secure it at rest, that is when it is finally stored on the servers. Allowing it to be open to being read by whoever is storing it. The data is also exposed anytime there is a hack of your personal account or sharing without your consent, such as a government agency.
The best option available to prevent this is end-to-end encryption, where only the sender and receiver can decrypt the email and no one else.
What is E2E?
“End-to-end” encryption means data leaving your browser will be encrypted until the message’s intended recipient decrypts it, and that similarly encrypted messages sent to you will remain that way until you decrypt them in your browser. This happens through unique keys that only the sender and receiver have access to, and nobody else.
So why isn’t everyone using end-to-encryption when it makes the most sense? There are a couple of issues that have lead to where we are today:
1) Tools to do end-to-end encryption, like PGP (known as Pretty Good Privacy) and GnuPG, have been around for decades since the mid-1990s, mostly used by tech-savvy users, but has been never been mainstream because they require a great deal of technical know-how and manual effort to use and are often hard to use by “normal” users.
It’s also a relatively hard-to-use tool even for the few who would bother to use the command line, clunky email clients’ extensions, and bootstrapped software.
That ease-of-use is a big deal — users normally do whatever is the default, so if the default is secure, then users will normally do the secure thing.
Adding an option for email encryption to Gmail remains as complicated as with any other email service: Users need to enable PGP support in their email clients, must generate and manage their own keys and make sure that these keys are kept safe on their devices. Even then, mobile email encryption is basically impossible
“Encrypt all the things” has been a loud voice, especially since the 2014 aftermath of the Edward Snowden revelations, Google and yahoo decided to join the movement to change that once and for all with a browser plugin that would make sending encrypted emails so seamless anyone could use it.
2. If you do not want to deal with this complexity, you end up using a 3rd party encryption provider who manages your keys and data on your behalf. You give up privacy and place your trust in them. You take their word for what is happening to your data.
This has been the crux of compromises between ownership, privacy, ease of use, and trust.
This is why we built Skizzle.
Skizzle is a chrome extension that does end-to-end encryption of the file attachments you share over email. It is extremely easy to use without a learning curve and puts the users in control of their data. Nobody, not even Skizzle, has access to this data, other than the sender and the recipient.
Skizzle Video Demo:
Skizzle helps you maintain your privacy, and secure your most important documents from leaks.
With skizzle, you can secure your Legal documents, financial statements, Health records, design files, Intellectual Property, Contracts, and many more.
Link to Install: Click here
What makes Skizzle special?
At its core, Skizzle leverages blockchain to manage access permissions and offer transparency.
1) Key Management: Users keys are decentralized such that only they can retrieve them, without the hassle of storing, backing up, and re-entering them every time they move to a new device. You don’t lose your data if you lose your keys. We currently support google authentication to retrieve these keys and will be adding more providers in the future.
2) Frictionless Exchange: With encryption using PGP keys, you need the receiver to share their public key with you before you can send them a file, this inherent friction reduces the number of people you can exchange files with, and even eroding the willingness of receivers in going through this step. With Skizzle, you just need their email ID and can share files with users who haven’t used Skizzle before.
3) Blockchain and Decentralized Identity: Every file is unique and has its own identity. This identity is registered on the blockchain. This file initially belongs to the sender. When they choose to share it with another person, the file is encrypted, and the smart contract registers the receiver as one of the users having permission to receive the file. When then receiver tries to decrypt the file, their permission is first checked on the blockchain and only then is the encrypted file shared with them. Once received, they would still only be able to decrypt the file, if they have access to the correct keys.
4) Revoking permissions: Everyone the user has ever shared a file with, across different emails, are shown in a unified list. Users can now remove access permissions to one or more receivers, even after sharing the file with other.
5) Transparency: All access, shares, downloads, and revoking of permissions, are managed and stored on the blockchain. This means users do not have to just trust us, or take our word. They have complete visibility into what is happening to their every file and can independently verify it.
We hope you like what we’ve built and would love to hear your experience.
Skizzle currently has a free plan to get you started, with plans for teams and enterprises rolling out soon.
Skizzle can be installed from here: Chrome Store, we’ll also be extending this to more platforms and marketplaces so users can experience secure, and private sharing of their data.
You can reach out to us on firstname.lastname@example.org if you have any queries or suggestions.