Intentionally flawed encryption
September 26, 2016 at 2:24 PM
“Encryption is the most effective way to achieve data security. To read an encrypted file, you must have access to a secret key or password that enables you to decrypt it. Unencrypted data is called plain text; encrypted data is referred to as cipher text.”
Encryption is a necessary tool for businesses and individuals alike, with our devices becoming more integrated into our lives, the level of data stored on said devices is ever increasing and the security that protects that data needs to be solid and trust worthy.
Whether you’re storing sensitive business data, confidential client information, personal banking details or even naked selfies, you want to know that the data you hold is going to stay private and protected.
This is where encryption comes in, once you’ve encrypted your device it can’t be unencrypted without the correct password, which gives the security that if your device is lost or stolen the data itself remains encrypted and unusable, the device itself may be gone, but the data is safe.
There is however, a current opposition to encryption by American government agency’s such as the NSA, CIA and such, who would like to weaken encryption to gain easier access to data that has been encrypted.
Their basis is that terrorists and criminals are communicating on encrypted messaging apps and have encrypted their devices, making surveillance and evidence gathering considerably harder.
But if encryption is weakened it is weakened for all, not just the target group, you can’t have both easy access and securer encryption.
A simple way to look at this is if all house alarms installed had a built in code that would disable the alarm, as well as the user created code. The authorities then have this code and if needed can enter any home and disable the burglar alarm, then all that is required is this code to get out and the whole system is compromised and thieves have a magic curer to the burglar alarm.
The same goes for encryption, if a back door/easy way into an encrypted system is created the encryption is considerably less effective and is no longer a trustworthy security choice.
We should be striving to create and encourage the creation of quality encryption that protects our privacy and not flawed encryption that has the potential to be exploited.
If you aren’t fussed about the issue I’ll end with a quote from Edward Snowden which I feel is very pertinent;
“Arguing that you don’t care about the right to privacy because you have nothing to hide is no different than saying you don’t care about free speech because you have nothing to say.”