Three years ago, Google said it was working on a privacy option to allow its more than 1 billion Gmail users to send messages that the Mountain View company couldn’t read on its servers.

The feature seemed close to reaching a mass audience, with both Google and Yahoo, operators of the nation’s most popular free email services, telling users to expect it by the end of 2015. But the companies have yet to roll it out.

Known as end-to-end encryption, the feature would allow users to send emails that would only be visible to the sender and recipient of the message. Currently, when users send emails through Google and Yahoo, the companies also collect the contents of those messages, which are stored on their servers. That makes it possible for the government to subpoena the contents of the emails, and also centralizes information that hackers could raid.

“It protects from unlawful spying,” said Chris Vickery, a lead security researcher at MacKeeper. “It protects rogue nations from infiltrating the system and learning intel.”

But launching end-to-end encryption for a wide swath of users is challenging. One problem is that certain features, including spam filtering and searching by keywords, can become less accessible when certain messages get encrypted, security researchers said.

“You are creating an environment where messages can get lost and become unrecoverable things,” said Clifford Neuman, director of the University of Southern California’s Center for Computer Systems Security. “The vast majority of users — they are more concerned with the reliability of the service than these kinds of issues.”

Security researchers say the encryption could better protect medical documents sent through email or messages sent by whistle-blowers or political dissidents.

“We recognize that this sort of encryption will probably only be used for very sensitive messages or by those who need added protection,” wrote Stephan Somogyi, a product manager at Google, in a June 2014 in a blog post. “But we hope that the end-to-end extension will make it quicker and easier for people to get that extra layer of security should they need it.”

Both Google and Yahoo say they are still working on the changes. Google proposed offering an extension to make this possible through its Chrome browser. When asked about the feature’s progress, a Google spokesman pointed to a statement the company gave to tech news site Motherboard in March: “It remains a work in progress.”

It is unclear when a final version will launch or what characteristics it will have, though analysts say it would likely be optional.

“Beginning in 2015, we set out to deliver a reliable, user-friendly end-to-end encryption key for our Yahoo Mail users,” Yahoo said. “That effort continues with resources dedicated to meaningful innovation and progress on this new frontier.”

One of the challenges surrounding end-to-end encryption in email is the management of keys. Users generate a key that has two parts — a public part that encrypts the message and can be used to direct them to a recipient and the private part that decodes the encrypted messages received by users. Managing this process and making it easy for everyday people can be tough.

“You always have this contradiction of usability and security, and you have to provide both,” said Thomas Oberndörfer, founder of Mailvelope, which builds software that allows for end-to-end encryption of email on browsers like Chrome and Firefox. “If you go too much in the direction of security and your system is not usable, nobody will use it.”

Today, some services like Mailvelope can work with Web browsers and allow users to send encrypted emails through Gmail and Yahoo Mail, but they can be complex. Mailvelope is used by roughly 500,000 users worldwide in Chrome and Firefox and has integrated with Germany’s popular mail servers GMX and WEB.DE. But it isn’t fully integrated with Gmail and Yahoo.

In many cases involving encrypted messages, users must know their friend’s public key ahead of time before sending the message and remember the password to their private key in order to view any encrypted messages received, researchers said. Forget the password and you won’t be able to read your own messages. Both the sender and the recipient of the message must have public and private keys in order for the encryption process to work.

Gmail has more than 1 billion users, while Yahoo Mail has about 225 million. That can make it hard for the companies to drastically change how mail is delivered, especially when many of those users prize simplicity.

“The tools are far too sophisticated and difficult for the average person to use,” said Jeremiah Grossman, chief of security strategy at SentinelOne, in an email. “Even security pros find them tedious. It’s rare to see email encryption used almost anywhere these days.”

Plus, Google and Yahoo make money by targeting advertising to users. Being unable to search through encrypted messages could impact that business, some security researchers said.

A major issue involving end-to-end encryption services is if users forget the password to their private key. A solution to this would be to place the private key on a server, but that could lead the server to become a target for attacks.

There could also be issues with how users will find each other’s public keys and how to verify whether those public keys are tied to the people you want to send the encrypted messages to. Google said it is working on making this easier.

Today, most email services have rolled out two-factor or two-step authentication, allowing a user to enter a password plus a code sent to a separate device, usually a cell phone, in order to access an account in unfamiliar places.

Yahoo has been under much scrutiny regarding its security following its disclosures last year of a 2014 data breach impacting at least 500 million accounts and a 2013 breach that affected more than 1 billion accounts. Most security experts do not believe end-to-end encryption in Yahoo Mail would have prevented those attacks, which focused on user account information rather than the content of emails, but they are still advocating for Yahoo and Google to provide it nonetheless. Google’s new messaging service, Allo, offers an end-to-end encryption option in its messages, but the company has not launched its own version of this for Gmail users.

“As a security practitioner, you really should using encryption more often than not,” Neuman said.

Wendy Lee is a San Francisco Chronicle staff writer. Email: wlee@sfchronicle.com Twitter: @thewendylee