%APPDATA%\protonmail\offline_cache\

Encryption: AES-256-GCM using a key derived from the user’s mailbox password via (memory-hard KDF). The encrypted key is stored in Windows Data Protection API (DPAPI) – machine-level or user-level depending on installation options.

Abstract: As privacy-focused email services gain traction, Proton Mail has extended its encrypted email ecosystem beyond the web browser with a dedicated Windows desktop application. This paper provides an in-depth analysis of the Proton Mail Windows app—its underlying Electron architecture, end-to-end encryption (E2EE) implementation, local data storage mechanisms, offline functionality, and threat model. We compare it against the web client and other encrypted email desktop clients (e.g., Tutanota, Thunderbird with Enigmail). Finally, we evaluate whether the Windows app introduces new attack surfaces or improves security over browser-based usage. 1. Introduction Proton Mail, launched in 2014 by CERN scientists, is a Swiss-based encrypted email service that uses client-side encryption. Until 2022, access was primarily via web browser (JavaScript-based) or unofficial third-party desktop bridges. In late 2022–2023, Proton released an official Proton Mail desktop app for Windows (alongside macOS and Linux). This move aligns with a broader trend: secure services providing native-like experiences without browser extension dependencies.

For threat models where the adversary controls browser extensions or where the user desires offline access without leaving a browser tab open, the Windows app is a clear upgrade. For users with extreme paranoia (air-gapped machines, Qubes OS), the web client in a disposable VM remains superior.