If you have been following the news, you’ve likely heard about the federal government trying to force Apple to break into an encrypted phone at which Apple refuses. This has brought into the public eye the debate about encryption and a new fervor in our legislative bodies to ban strong encryption. I want to point out something extraordinarily important – both Apple and Google have had requests to unlock phones in the past, they refused, and it didn’t make national news. What is different here is that the government is using a possible terrorism case to in order to scare people.
If you remember back to 2001 and 2002 after 9/11, a very similar thing happened. The government scared its own people into giving up their privacy via the Patriot Act. In fact, this has happened multiple times in the course of US history, another notable example being the Red Scare that launched HUAC that ruined the lives of many.
The same thing is happening here. Please stand up for your right to privacy and do not allow the government to scare you into accepting laws or policy that removes your rights as a citizen.
Why is it important to have strong encryption? Our phones and computers are digital devices. They use a bunch of little 1’s and 0’s to store everything. In an unencrypted device, anyone who has access to the device (be it physical access or through remote software) can read those 1’s and 0’s and get access to our personal information. This information ranges from the innocuous like Facebook login information and pictures of your cat to more important things such as credit card numbers, tax documents, business emails, and more. Without encryption, everyone has access to your data should your device become lost, stolen, or hacked. What’s more is that unencrypted communications to your bank, social network, email, and more can be read by anyone with a set of free “sniffing” softwares on their computer.
So what is strong encryption and what makes it “strong”? Well, what encryption does is it passes those 1’s and 0’s on your device or in your communications through a mathematical equation so that they look like they are completely random. That cannot be deciphered into anything readable or useful which prevents prying eyes from seeing your data. In order to view that data, you have to have a password, or a “key”, in order to unscramble the 1’s and 0’s.
That password comes in the form of two secret large prime numbers. When they are multiplied together, they create an even larger number which is used to encrypt the data and this larger number is viewable to anyone who wants it. You can then use your two secret prime numbers to decrypt the data. The reason this method is used is because it is currently very, very difficult to start with that big number and then do the math calculations to discover what the starting prime numbers were.
In strong encryption, these prime numbers are “extra” large which makes it “super extra” hard to crack. This means that hackers and evil-doers can’t get your data unless they have a super computer and months of time to wait. The reason it takes so long is that the computer will have to go through and test billions of combinations of numbers in order to find out which two prime numbers were used to encrypt the data. In weaker encryption, the type that certain people in the government are proposing are used, these prime numbers are much, much smaller. This in turn means that the calculation times required to find the two secret prime numbers drops to next to nothing. A person with a good computer can “brute force” their way through weak encryption in a couple minutes making it useless.
Should the government ban strong encryption, your devices and communications might as well not be encrypted at all. The entire point is to prevent unauthorized access to your data and keep you safe. Weak encryption offers none of that.