How does ProtonMail manage search?
According to their support page, it doesn't search in the body of the mail:
At this time ProtonMail does not search the body of your email messages. This is due to the fact that they are encrypted on our servers, and therefore we currently do not have a means to search them.
Instead, it searches in these non-encrypted fields:
- Recipient email addresses
- Sender email addresses
- Subjects
- Date s message was sent/received
- Folder (Location)
- Attachments (only yes/no, not the name of the attachment)
ProtonMail does not offer searching message body of emails in its cloud service, but on its mobile apps and as the Benoit Esnard points out. However, on apps that run locally it can locally decrypt your emails and fully search them locally.
Since the end of 2017 ProtonMail has also delivered a product called ProtonMail Bridge. Essentially, it's a little local email server on your local computer that is a bridge between local email applications: Outlook, Thunderbird or Applemail and the ProtonMail servers.
The Bridge essentially acts like a local email server (using the IMAP and SMTP protocols) and interacts with email clients also installed locally on your desktop computer. As a result, all encryption and decryption occur locally and thus the benefits of end-to-end encryption remain. The Bridge communicates with ProtonMail’s encrypted email server via our API, which supports end-to-end encryption, while email clients can communicate directly with the Bridge via standard IMAP and SMTP. In this way, standard email clients which do not natively support end-to-end encryption can support encryption without modification. Another way to think of it is that the ProtonMail Bridge translates end-to-end encrypted email data into a language that any email client can understand, thus “bridging” the gap between ProtonMail’s end-to-end encryption and your standard email client.
-Source/read more here.
Tutanota a competitor, claims to be the "first to enable search on encrypted data" However I'd add the asterisk, the first cloud email service to provide encrypted search, message body included, without requiring an application be installed locally and not to mention not every email has to be decrypted (as would occur with ProtonMail Bridge).
How does Tutanota's secure search of encrypted data work? Tutanota's secure search approach searches the data locally on the client, giving the server zero access. Here's how it works:
From Tutanota:
- The data is indexed.
- The search index is encrypted and stored locally on the client.
- The search index is searched according to the user's search queries.
- The code for Tutanota's search is published as open source so anyone can check it.
Related article complaining about proton mail lack of full search and threading.
Disclaimer I do not work or have an association with either company and I haven't used either. I was researching encrypted mail for future use and came across this thread and the articles I quoted. Much respect to both companies/products, for their efforts to bring user-friendly encrypted email to the masses!