Encrypt Gmail Effortlessly: A Quantum-Safe PWA for Private Email

There’s a moment many of us in technology eventually experience: you open your inbox one day and realize just how much of your life is quietly sitting inside. Old conversations. Financial records. Personal documents. Fragments of who we used to be.

Email is familiar, but that familiarity hides a simple truth, it was never designed for the world we live in now.

As a team, we found ourselves asking a question that started simple but grew louder over time: Why is protecting email still so complicated?

That question pushed us into a project that none of us expected would resonate as much as it did, a Progressive Web App (PWA) that lets Gmail users send and read encrypted, quantum-safe emails without leaving the comfort of their regular inbox.

No new platform. No new account. No technical knowledge required. Just safer email, wherever you already use Gmail.

Here’s the story.

Email Feels Personal — But It Isn’t Always Private

We all rely on email for things we’d never hand to a stranger:

• tax documents
• sensitive work information
• identity papers
• personal conversations
• everyday details that quietly reveal who we are

And while Gmail is secure, the structure of email itself comes with weaknesses that haven’t aged well.

Messages travel across systems you don’t control. They sit in inboxes for years. Attackers can intercept and store them now, planning to decrypt them later, especially in a future where quantum computers exist.

We kept coming back to the same thought: privacy shouldn’t be something people only think about after it’s too late.

Our Goal: Encryption Without Friction

We didn’t set out to build a new email app. Or convince people to migrate. Or redesign the way communication works.

We just wanted to make one thing possible:

“Could people keep using Gmail as usual, but add powerful, quantum-resistant encryption whenever they want?”

That became our north star.

The result was a PWA that:

• lets users log in with Gmail
• encrypts emails before they leave the device
• works across phones, tablets, and desktops
• can be installed, or simply used in the browser
• decrypts encrypted emails inside the inbox with one tap

Nothing to download. Nothing to configure. Nothing new to learn.

Just an invisible layer of protection when you need it.

Here’s An Example: Encryption and Decryption On the Browser

The Part We’re Most Proud Of: Quantum-Safe, Per-Email Encryption

Here’s the part that feels almost magical, even to us:

Before an email leaves your device, the app uses ML-KEM, a quantum-resistant encryption algorithm designed to withstand even the future generation of computers.

And to push security further:

🔑 The encryption keys are generated fresh for every single email.

Each message gets its own keys; unique, ephemeral, and never reused.

This means:

• No long-term keys for attackers to target
• No key reuse vulnerabilities
• Even if one message’s key was compromised (extremely unlikely), every other message remains safe

It’s a bit like sealing every message in a completely unique, one-time-use vault.

And because the encryption happens entirely on the user’s device, the plaintext message never touches our servers, not even for a moment.

But Let’s Be Honest About One Thing

We believe privacy tools should be transparent, not magical.

So here’s the part many people forget and we say this openly:

If the recipient’s device or account is already compromised, no encryption system can protect the message once they open it.

That’s not a weakness in the app. It’s the reality of all secure communication, from Signal to WhatsApp to PGP.

What this PWA protects is everything before that moment:

• messages in transit
• messages stored in Gmail
• messages grabbed by attackers hoping to decrypt them later
• network interception
• inbox harvesting
• future quantum attacks

And that’s a meaningful improvement for anyone who values privacy.

Why a PWA? Because Privacy Shouldn’t Be an App You Have to Install

We chose a Progressive Web App for a reason:

• It works instantly in the browser
• It can be installed like a real app
• It works on phones, tablets, and desktops
• It stays lightweight and fast
• It updates itself automatically
• It doesn’t require an app store or downloads

Technology that protects people should feel invisible. PWAs let us build exactly that.

This Was Never About Impressing Anyone — Just Helping People

Some projects are built to show off. This one was built because we genuinely wanted something better.

We didn’t want to create another privacy tool that only experts use. We wanted something that felt natural, subtle, and accessible.

Something that gives people a simple choice:

“This email matters. I want it protected.”

No ceremony. No complexity. Just a quiet guarantee.

What Comes Next

We’re continuing to improve the app with things like:

• support for other email clients

But the mission stays the same: make email privacy effortless, modern, and future-proof.

A Final Thought

Working on this project taught us something we’ll carry into every future idea:

People aren’t avoiding privacy tools because they don’t care. They’re avoiding them because they’re complicated.

If we make privacy feel natural, something that fits into life instead of interrupting it, people will choose it.

This PWA is our small step toward that future. If you’ve ever wished your Gmail inbox felt just a bit more like a private conversation, maybe this is for you.

For reference,

here is the user manual and demo video.