An End-to-End email encryption program - Protects email at rest and in motion

Try for free now

The free trial period is 60 days after which no sending or receiving is possible unless a license is obtained. The stored emails can be viewed also after the trial period.

Superior protection for the real world

EndCryptor protects old encrypted emails - that were copied by an adversary when they traversed the internet - also then when the adversary gets current encryption keys by hacking into user's computer.

Easy to use

No knowledge of cryptography is required. The user interface is similar to a typical email client. User's current email account is used to deliver the encrypted emails.

End-to-End Encryption

The email is encrypted at sender's computer and it can be decrypted only at true receiver's computer.

Quantum attack resistant (On pause now)

It may be possible that before the year 2030 there will be computers that can break current classical public keys. EndCryptor uses classical public keys and new quantum attack resistant public keys. Note that otherwise current encrypted traffic can be copied and decrypted by quantum computers when (if) they become reality. When two persons communicate in turns the quantum protection starts from the second email (included). NOTE: On July 30, 2022 scientists published an article which shows that the used SIDH post quantum system can be broken. Currently we use SIDH in a hybrid setup: an attack is successful if it can break both current classical keys and SIDH - this is not the case now and current computers cannot break current messages. Post quantum cryptosystems are relatively new and it is possible that weaknesses are found - therefore a hybrid setup is used. We are considering other Post Quantum public key solutions now.

Patented technology, state of the art cipher and public keys

The protocol that provides the features has been patented in USA. The implementation of symmetric encryption and public keys uses publicly available source code developed by the scientists who designed the systems.

Main features

EndCryptor offers features that are essential for real world protection: backward security and recovery from an attack. It is important that there is protection when a hacker gets access to current secret encryption/decryption keys.

EndCryptor is more secure than competitors

Comparison between EndCryptor and S/MIME and the PGP-family of email encryption products (PGP, OpenPGP, GnuPG, ...) in case of a successful spying attack which reveals victim's current secret keys - like private keys of public keys - to the attacker. 
  EndCryptor S/MIME and PGP-family
Backward security (= are encrypted messages sent to the victim before the attack protected?)  YES NO
Recovery from the attack will happen When the next message from the victim is decrypted. In quantum attack when next quantum attack resistant Diffie-Hellman key exchange is done. When the new public key of the victim is received. This usually happens at predetermined intervals - after several months or years. No protection against quantum attacks.
Identity theft will be revealed YES NO
Recently private key stealing attack has been done e.g. by a hacker attacking Hacking Team spyware company and malwares Sauron, APT30,Red October, Team Spy and Mask - which operated undetected about 5, 10, 5, 10 and 7 years, respectively - and stole among other things encryption keys. The main targets of e.g. Mask fall into following categories: government institutions, diplomatic / embassies, energy, oil and gas companies, research, private equity firms, activists.

Comparison between EndCryptor and browser based solutions
EndCryptor Browser based
Protection against MITM attack at startup due to hostile root certificate on user's computer YES NO

See: Kazakhstan decrypts internet traffic targeting e.g. Gmail, Facebook

See: The Risks of SSL

If an attacker generated root certificate is somehow (e.g. by malware, by forced user, by evel maid, by evel customs officer or by company policy) installed on user's computer then due to the nature of browser based encryption (SSL/TLS/https) this enables the decryption of the traffic. This decryption happens ouside of user’s computer between the user and the web server. Therefore the attack is classified as a Man-In-The-Middle (MITM) attack. Companies use this technique to decrypt their SSL traffic (includes browser traffic) - motivation is to find viruses.

An additional encryption done in the browser (like doing PGP by javascript) does not give protection against this kind of attack - the javascript code that does the PGP encryption can be modified when intercepted and PGP's private key can be delivered to the attacker.


Email encryption software

Main Window:

Main Window

Email Composing Window:

Compose New Email

Add New Contact:

Add New Contact