Sam Gentle.com

Semi-encrypted email

One thing that I think is a real shame is that encrypted email has never really taken off. Part of that is the abysmal state of UI in encrypted email, to the point where even fairly serious power users and developers have trouble using encryption. Part is to do with the big webmail companies not supporting encryption. But I think a significant factor even if the other two are solved is that encrypted messaging in general is the worst kind of network effect problem.

I say worst because most network effects are just that your thing is only valuable in proportion to how many other people are using it, but encryption manages to be even worse because most of the existing strategies to mitigate a network effect don't work. For example, one thing you can do is provide an easy onboarding process: people who don't use Facebook much still get their Facebook messages as emails. Encryption makes that kind of backwards-compatability fundamentally impossible. You can't make encrypted email work for people who use unencrypted email; that's the whole point of encryption!

But maybe there's something interesting you can do if you're willing to relax your definition of encryption a little bit. Along with each unencrypted email, you could send an encrypted copy of its contents as an attachment. That on its own isn't very useful, except that the encrypted copy doesn't actually have to be a copy; you can change it to anything you like. If you recieve such an attachment and it's different from the unencrypted contents of the email, you display it instead. So by default nothing changes, but there's an extra space for adding hidden messages.

I call this idea semi-encrypted email, and I think it has a number of pretty neat qualities. Firstly, if a lot of messages have encrypted attachments it reduces the suspiciousness of any individual encrypted message. You still have the ability to send regular email to regular people, and they'll just see yet another useless attachment. However, there's a nice backwards-compatible upgrade path to layer encryption on top.

I think there would be some encryption and key distribution-related hurdles to jump, but I think those are fairly tractable. At this point the main thing holding encryption back isn't technology, it's user design, and that's where I think the new frontier of crypto innovation is.