Originally published at: https://coreyjmahler.com/2016/09/30/encryption-explained/
I had thought, at first, to start this article with a long list of Latin phrases. Whereas that may have left my high school Latin teacher overjoyed, I suspect it would have detracted from my main goal: Explaining encryption in an accessible, understandable way. Naturally, that means I abandoned the Latin and opted to start with math.
The Mathematics of Encryption
Just kidding. You don’t actually need to understand any mathematics to understand encryption (being a liberal arts major, this is a welcome truth). However, there are some logical concepts and definitional issues to address before delving into why so many people fundamentally fail to understand encryption.
Signal and Noise
For our purposes (which are admittedly fairly simple), signal is the information you want and noise is everything else. Stripped to its bare essentials, a good encryption system takes signal and turns it into noise (which can later be converted back into signal, of course). Let’s go through a simple example:
We are going to start with the phrase “Math hurts my soul.”, which is our signal for this example. That phrase is going to be encrypted with the key “Arma virumque cano”. Once encrypted, our signal becomes this gobbledegook:
Without our key (i.e., “Arma virumque cano”), that string is nothing but noise. Of course, we have the key, so we can decrypt that string, which yields our original signal: “Math hurts my soul.”.
Encryption Is Math
Whereas you do not need to understand the mathematics behind/underpinning encryption, it is fundamental to understand that encryption is math. A lot of very smart people have spent a lot of time posing, answering, and testing some very complex questions. The long of it is, well, very long, very complicated, full of symbols masquerading as numbers, and well beyond the scope of this article. The short of it is this: Encryption has been invented, it works well, and it cannot be un-invented. No amount of wishful thinking, vacuous (hopefully) threats, or blustering by politicians and political candidates will reseal Pandora’s box. Stop trying. If necessary, go find some windmills at which to tilt, at least then we’ll all have a good laugh.
Proper encryption is a perfect door: If you don’t have the key, you aren’t getting past the door. While you could pick the lock if you were given infinite time to do so, the Universe isn’t quite willing to give you infinite time. The heat death of the Universe will occur long before you pick the lock (no, really). What that means, practically speaking, is that a proper encryption system has only one weakness: the key.
Sticking with our perfect door, let’s say you copy the key and give the copy to a friend. Now there are two possible points of failure (i.e., you and your friend). Maybe you trust this friend and maybe he’ll never lose the key. Regardless, the system is weaker than before (i.e., two points of failure is weaker than one, all else being held equal).
However, when discussing weakening encryption by minting additional keys, we aren’t typically discussing giving a copy to a friend. So, let’s revisit (and modify) our door analogy: Now, instead of making a copy of your key and giving it to your friend, you make a copy of your key and give it to the Government. Do you feel safer? Even ignoring the technical hurdles of storing keys minted for the Government (and the bureaucratic nightmare of determining which agency will have responsibility for the keys and how sharing/distribution will be handled), creating a massive store of encryption keys would bring with it a raft of issues, some of which are discussed infra, for which there are no readily available answers.
Moral and Practical Considerations
Weakening a system of encryption is not a one-off affair. Once weakened, an encryption system can be exploited by anyone who knows of or discovers that weakness. It may be that you do not fear your Government or its intentions. However, I suspect your tune would change if you were a political dissident in, say, Communist China (or North Korea if you could find a working computer). Are we willing to condemn to exposure (and in many cases execution) political dissidents around the world because the FBI believes that encryption makes their job too challenging? I should hope not.
Mobile Devices and Encryption
At present, the encryption systems used by iOS devices and some others are uncrackable (again, heat death of the Universe). The US Government (and a shady cabal of others) would like Apple (and others) to create a system whereby that encryption is no longer uncrackable. This is extremely misguided and wrongheaded. There are two ways to accomplish the Government’s goal, and they are virtually identically terrible.
First, the Government could be given a master key or a set of keys (e.g., one per device) to allow access to devices, presumably under warrant. Second, companies could be required to maintain a database of keys and allow the Government access as requested, again presumably under warrant. Whereas the second of these two systems is preferable (at least the Government, with a track record of running amok, wouldn’t have permanent, complete access to all devices whenever it felt like it), both are far from ideal (after all, the Government doesn’t usually have much difficulty in convincing companies to cooperate, even when such cooperation is a breach of standing law).
Undoubtedly, preventing and prosecuting terrorism are both of great importance. However, “terrorism” cannot be allowed to become a sort of magical word the Government shouts whenever it wishes to do something. As the recent past has shown, the Government is all too willing and all too ready to trample the rights of the People and even flagrantly to flout existing law. It would be foolish to allow encryption, and all that would attend its loss, to become collateral damage.
Encryption Doesn’t Prevent Proper (and Most Improper) Investigative Activity
Encryption will never thwart all law enforcement activity (this seems obvious, but apparently doesn’t go without saying). No amount of encryption of your data will save you from a simple key-logger (whether installed on your machine or literally in your keyboard) or a surreptitiously placed camera. Many attacks, often used after the fact as ‘justification’ for attacking encryption (and privacy, liberty, and freedom more generally), are plain and simple failures on the part of law enforcement or immigration. Of course, it is easier for the Government to scapegoat technology and technology companies than to admit to their own obvious failures.
Encryption in a modern world is of fundamental importance; it protects everything from your online purchase of bed sheets to your banking transactions to your personal journal. It has ever been the case, but bears repeating: Do not let anyone work you into an emotional frenzy on any issue. Good decisions are not made by hot blood. Without resorting to the aforementioned string of Latin phrases, suffice to say: cum grano salis. Everything with a grain of salt. People have agendas, organizations have agendas, Governments have agendas.
While it is certainly, and rightfully, part of the responsibility of any proper Government to provide for the safety of its citizens (which naturally includes preventing terrorism), pursuing that end by any means is simply unacceptable. Weakening the encryption on the devices we use every day will only leave all of us more vulnerable. The increasing interconnectedness of the world and the growing threat of ideologically driven terrorism pose hard questions, and hard questions do not have easy answers. Banning or compromising encryption is an easy answer, easy and wrong.
I would say that I am no mathematician, but I can already hear my engineer friends laughing maniacally at the understatement. ↩︎
We aren’t using the technical (i.e., scientific/engineering) definitions of “signal” and “noise” because we don’t need them and we’re using the terms relatively informally. ↩︎
For the curious: I’m using AES256. ↩︎
A little light reading: http://www.sacred-texts.com/cla/virgil/aen/aenl01.htm. ↩︎
And, let’s be honest, my knowledge of mathematics. ↩︎
Assuming we’re going with the interpretation that Pandora’s box also contained hope. ↩︎
Yes, we’re assuming a handful of things here, but they’re solid assumptions made by people with knowledge that far exceeds our own. ↩︎
Yes, I realize that if A (i.e., the friend is absolutely trustworthy) and B (i.e., the friend will never lose the key) are both defined as true, then one could argue that the system is not, in fact, logically any weaker than it was before the copy of the key was issued to this perfect friend, but people aren’t perfect and this article isn’t about formal logic. ↩︎
And let’s not mention that the Government isn’t even able to keep its own personnel records safe: https://en.wikipedia.org/wiki/Office_of_Personnel_Management_data_breach, and that our geopolitical adversaries are exploiting the Government’s criminal ineptitude to out US spies: http://arstechnica.com/security/2015/08/china-and-russia-cross-referencing-opm-data-other-hacks-to-out-us-spies/. ↩︎
Assuming you type your journal; if you handwrite it, then it’s protected only by your terrible handwriting and your home’s physical security. ↩︎
I couldn’t help myself; it had to be done. ↩︎