LOGO

Encryption Explained: Why the Concern?

November 30, 2015
Topics:FeaturesMobileHardware
Encryption Explained: Why the Concern?

The Misunderstood Role of Encryption

Following tragic terrorist events in cities like Paris and Beirut, both news outlets and governmental bodies have increasingly pointed to encryption as a contributing factor. This assertion is fundamentally flawed.

Encryption is a readily comprehensible technology, and its adoption should be widespread for enhanced security.

Potential for Misuse Doesn't Equal Danger

Like any technological advancement, encryption possesses the capacity for misuse. However, this potential does not inherently render the technology itself harmful.

Furthermore, utilizing encryption does not signify malicious intent or questionable character.

Addressing Common Misconceptions

Due to prevalent misunderstandings and its current portrayal in the media, a clearer understanding of encryption is crucial.

Resources like How-To Geek can provide valuable insights and help individuals become better informed about this essential security tool.

Taking a few moments to educate oneself on the subject will dispel common myths and highlight the benefits of employing encryption in daily digital life.

What Is Encryption?

At its core, encryption involves transforming intelligible information into an unreadable format. This process essentially scrambles data, rendering it incomprehensible without the proper means to restore it.

Reverting this scrambled data—whether it consists of video files, images, or text messages—back into its original form requires a process known as decryption. This is achieved using a specific method called a cipher, which typically relies on a crucial piece of information known as a key.

A Simple Analogy

The concept might seem complex due to the specialized terminology. However, if you’ve ever devised a “secret code” as a child, you’ve already engaged in a form of encryption.

A cipher can be remarkably straightforward, such as shifting each letter down the alphabet. Consider this example sentence:

This is really geeky

Applying a simple encryption where A becomes B, and so forth, transforms the sentence into:

Uijt jt sfbmmz hfflz

Further complexity can be introduced by representing letters as numbers, assigning A the value of 1 and Z the value of 26. Using this system, our sentence becomes:

208919 919 1851121225 7551125

Applying our letter-shifting cipher to these numerical representations yields:

2191020 1020 1962131326 8661226

In this instance, our encryption cipher involves converting letters to numbers and then manipulating those numbers. The key could be defined as the specific mapping—for example, A equals 2, Y equals 26, and Z equals 1.

Modern Encryption vs. Simple Ciphers

A code as elementary as this one doesn't necessitate secure key sharing. Any determined codebreaker could readily decipher the message.

Fortunately, comparing contemporary encryption techniques to this basic example is akin to contrasting an abacus with an iPad. While fundamental similarities exist in theory, modern methods benefit from extensive research and ingenious development.

These advancements make decryption without the correct keys—held by the encrypting users—nearly impossible. Attempts at decryption through brute force or data reconstruction are generally unsuccessful.

Consequently, malicious actors often target the human element as the weakest link in encryption security, rather than attempting to break the encryption methods themselves.

The Shift in Focus: From Terrorism to Encryption

Concerns regarding robust encryption frequently arise within governmental circles. Contemporary computing capabilities enable the encryption of various data types, including text messages, images, and entire hard drive partitions, effectively safeguarding information from unauthorized access without the necessary decryption keys. The potential content of this encrypted data – which could theoretically encompass anything – often fuels speculation.

Recent Events and the Encryption Debate

Recent attention has been directed towards individuals linked to ISIL utilizing encrypted communication channels, specifically through the WhatsApp messaging platform. This has led to a narrative suggesting that strong encryption facilitates communication among individuals engaged in illicit activities. Consequently, numerous government and intelligence officials are leveraging this situation to promote the idea that encryption primarily benefits those with malicious intent, such as terrorists and hackers.

Several governmental entities have approached major technology companies, like Google and Apple, requesting the implementation of encryption methods featuring concealed backdoor decryption capabilities. These would involve closed-source encryption systems or the inclusion of "master keys" capable of both ciphering and deciphering data utilizing that specific method.

what-is-encryption-and-why-are-people-afraid-of-it-4.jpg

The Risks of Backdoors

Apple’s CEO, Tim Cook, has articulated the inherent danger of such backdoors, stating that a system designed solely for authorized access cannot be limited to "the good guys." An intentionally created vulnerability, like a backdoor in encryption, fundamentally compromises the integrity of technologies integral to modern life.

There is no assurance that a feature intended for legitimate use will not be exploited by malicious actors. Should this occur, the security of all data protected by these methods would be jeopardized.

Historical Context and Governmental Control

Historically, governments have often exhibited apprehension regarding the power of their citizenry, and have pursued measures to maintain control. Therefore, it is unsurprising that the informational security provided by strong encryption generates unease within governmental structures.

The implications of introducing a backdoor into a foundational technology like encryption are significant. Strong encryption standards are vital for securing web browsers, email communications, banking transactions, credit card processing, and password storage. Diminishing this security for everyone is a demonstrably poor course of action.

what-is-encryption-and-why-are-people-afraid-of-it-3.jpg

How, Why, and Where Should Encryption Be Utilized?

Fortunately, encryption is increasingly becoming the standard practice. Have you observed the small lock icon within your web browser's address bar? If so, you are already benefiting from encryption, which secures data transmission to and from that website. It's a proactive security measure, isn't it?

Understanding the Process

Essentially, a secure connection is established where your computer employs a public key to transmit scrambled data to a remote system. This system then decodes the information using a corresponding private key. Because ensuring complete message security – protecting emails, banking details, and other communications – can be challenging, encryption transforms your data into unreadable form, safeguarding your transactions. You are likely already engaged in numerous encrypted data exchanges without even realizing it.

The tech community widely acknowledges the necessity of encryption as a default setting. The belief is that valuing your privacy is crucial, even if you believe you have nothing to conceal, especially given the growing importance of preventing cybercrime, data breaches, and hacking incidents to our safety and financial stability.

Computers and the internet have inherently increased our vulnerability to privacy concerns, and encryption stands as a primary defense. In the past, a face-to-face conversation in a private setting offered a reasonable degree of security. Now, without encryption, virtually all communication lacks any real privacy.

what-is-encryption-and-why-are-people-afraid-of-it-6.jpg

When to Implement Encryption

For the average user, incorporating encryption into their digital life should begin with utilizing HTTPS (HTTP over SSL, an encryption standard) whenever offered by messaging services or online accounts. Ideally, this should be enabled by default in today’s digital landscape. If a service doesn't support encrypted connections, particularly when handling sensitive data like credit card details or personal identification, it’s best to avoid using that website. However, most modern websites with login features will likely establish a secure, encrypted connection automatically.

Consider encrypting sensitive files – pictures, documents, and other important data – stored on your computer. This can be achieved through encrypted file containers or full disk encryption software. Previously, TrueCrypt was a popular choice, but its developers unexpectedly advised users to discontinue its use, citing security concerns and recommending Microsoft’s BitLocker as an alternative. Other options include bcrypt, Filevault, BitLocker, LUKS (for Linux), or VeraCrypt, which is a successor to TrueCrypt.

what-is-encryption-and-why-are-people-afraid-of-it-7.jpg

Encrypting files on your PC isn't necessarily required to prevent hackers from accessing them. However, it's a prudent measure to safeguard important files from unauthorized access by individuals who may gain access to your computer. Encryption should be viewed as a digital privacy barrier, a means of maintaining trust. Just because you trust your neighbors doesn't mean you want them observing your every move!

Encryption and Messaging

The same principle applies to all digital messaging platforms, whether accessed on your phone, tablet, or computer. Without encryption, there's no assurance that your messages aren't being intercepted. If this is a concern – and it arguably should be for everyone – a growing number of options are available. It’s important to note that some services, like Apple’s iMessage, offer encrypted messaging by default, but route communications through Apple servers, potentially allowing for access and storage of your messages.

Ultimately, encryption is a vital tool for protecting your digital privacy and security.

Encryption: Dispelling the Myths

It is our hope that some of the inaccuracies surrounding this often-misunderstood technology have been clarified. The decision to maintain information privacy does not inherently indicate illicit activity. Focusing the discussion solely on terrorism, while neglecting fundamental privacy rights and identity theft prevention, is detrimental to everyone.

Understanding Encryption's Value

Encryption should be viewed not as a source of apprehension, but as a versatile instrument that individuals should utilize according to their needs. It shouldn't be unfairly associated with malicious intent or exclusive use by those with harmful purposes.

Further Exploration of Encryption

For those seeking a deeper understanding of encryption techniques, several resources are available. We have compiled a list of helpful guides and recommended software to facilitate the integration of encryption into your everyday digital experience.

  • How to Set Up BitLocker Encryption on Windows: Learn to secure your Windows operating system with BitLocker.
  • 3 Alternatives to the Now-Defunct TrueCrypt for Your Encryption Needs: Discover alternative encryption solutions following the discontinuation of TrueCrypt.
  • HTG Explains: When Should You Use Encryption?: Gain insight into the appropriate scenarios for employing encryption.

Protecting your data is crucial in today’s digital landscape. Encryption empowers you to control your information and safeguard it from unauthorized access.

Image credits are attributed to Christiaan Colen, Mark Fischer, Intel Free Press, Sarah (Flickr), Valery Marchive, and Walt Jabsco.

#encryption#data security#privacy#cybersecurity#data protection#digital security