This isn’t a commentary on the Apple case. I’m not following that very carefully. I’ve been frustrated for quite some time by silly encryption talk, and it’s just now boiling over. So I’m going to share, in layman’s terms, what modern encryption means and how it works. After that, I’ll explain why the encryption debate is like a bad joke gone too far.
Politicians, Republican and Democrat alike, frame the conversation in a completely misleading way that exploits the public’s ignorance of the underlying technology. I pray this is just a result of their own ignorance, and not a more cynical, informed duping of the American public.
Washington seems to treat encryption like Democrats treat guns. They think it’s controllable, can be regulated, and will somehow stop “the bad guys.” We, on the other hand, know there’s no stopping the inevitable. Better that the good guys have access, too.
So, what is encryption?
Modern encryption is based on something called RSA encryption. RSA stands for Rivest, Shamir, and Adleman, the three brilliant mathematicians who discovered a truly beautiful mathematical insight, one that keeps our credit cards safe, our passwords secure, our health records confidential, and our correspondence private.
Before we dive into RSA, a short recent history of encryption. Until RSA, the best encryption methodologies were just exceedingly complex cipher machines, or one-time pads. You may be familiar with a simple cipher from a puzzle book. For example: “A becomes P, B becomes N, etc.” The famous German Enigma machine added complexity by changing the letter mappings each time a letter was keyed into the machine. (Note that it did this in a predetermined way.) The key to cracking the Enigma code was figuring out the initial mapping; from there, if you knew the pattern in which subsequent mappings changed, you could decrypt any intercepted message. In tech lingo, if you can decrypt a message with the same information used to encrypt it, it’s symmetric encryption.
Even older than the Enigma, and more rudimentary, is the one-time pad. In a sense, it’s a cipher as well. Even though it’s older and lower-tech, to this day it remains, under the right circumstances, the only truly unbreakable form of encryption. The key is “under the right circumstances.” More on that later.
A perfect one-time pad is a series of truly random numbers (true randomness is really hard, if not impossible, to get). The person sending the message has one copy of these numbers; the recipient has the other. The sender uses these random numbers to translate his or her message letter by letter, usually just incrementing each letter by the corresponding number. After the pad is used once, it should never be used again. Hence the name one-time pad. If it were to be used again, an attacker could infer the original numbers from their repetition.
Like the Enigma, this is symmetric encryption; that is, the material used to encrypt the message is used to decrypt the message as well. If ever the pad is lost, stolen, or intercepted (worst case), the system fails completely. The beauty is that if everything goes completely according to plan, the one-time pad is the only known method of perfect encryption. Unfortunately, it’s quite difficult to get real randomness, and very hard secretly to get the same pad to both the sender and receiver (this is the clandestine work of spies, dead drops, and tradecraft).
So it’s already clear that these methods are already available to good guys and bad guys alike. Nothing the government could do would stop the spread of these forms of encryption. There’s absolutely no back door to a one-time pad, short of seizing property and Orwellian eavesdropping. Things would still slip through.
Back to RSA. It’s foundation is a simple observation about factoring numbers (as in, the number 6 has the factors 1, 2, 3, and 6). While it’s easy to factor small numbers, it gets exponentially more difficult to do as the numbers get larger. In fact, it gets so difficult that if it’s a reasonably large number, the best-known algorithms for factoring would need to run through more iterations than there are atoms in the universe to solve it.
You may think, “Well, of course, but that number would need to be enormous, right?” But don’t forget, the problem is exponential. The number really doesn’t need to be all that large. To put it in perspective, this post would take up more space in a computer’s memory than that number.
So it’s time-consuming and hard to find factors of a big number. So hard that even the NSA and their supercomputers probably couldn’t find them in any reasonable amount of time.
What about going the other way? Well, the most beautiful thing about this system is that going the opposite direction is actually really fast. If we already know two of the factors, it’s quite easy and speedy for a computer to multiply them to get the large number.
Using all these numbers and a dusting of mathematical sorcery, it’s possible to come up with two random really big numbers. One of those numbers works kind of like our friend, the one-time pad. Instead of using the numbers to map letters, like A -> P, we do it a little differently. First, every letter in the secret message is assigned a number. It can be really obvious, too, like A -> 1 and B -> 2; it doesn’t matter. Now our secret message is just a really big number, too! What can computers do well with really big numbers? Multiply them. The product is our encrypted message.
You can send that to whomever you wish. But only the person with the other original random number can decrypt it. In tech lingo, that’s the private key.
This, as you may have inferred, implies a public key.
The public key is the number we combined in our secret message. Because it’s so difficult to factor large numbers, I can confidently publish my public key in tomorrow’s paper. You could take that number, combine it with a secret message, then post it here on Ricochet for all the world to see. I would be the only one able to decrypt it with my private key. This is known as asymmetric encryption because the material needed to decrypt a message is not the same as that needed to encrypt it.
I know it’s a lot to wrap your head around, but trust me when I say it’s based on relatively simple mathematics. It amounts to something so damn near unbreakable that it’s not even worth trying to crack. By the time anyone gets close, we’ll all be six feet under. In fact, I’m so confident of this that I’ll give you the password to my bank account in the bottom of this message. It’ll just be encrypted using my public key.
What does this mean for the so-called encryption debate?
Well, there isn’t one. It’s purely about an invasion of your typical citizen’s privacy. Unbreakable, strong encryption is so readily available to anyone who wants it that it won’t stop a terrorist or a dedicated crook for a minute. When the US first tried to block the export of encryption technology, computer scientists copied the source code of an encryption library into an academic paper and published it in an academic journal. It all just boils down to simple math.
If you think these things don’t apply to you, please look up in your browser’s URL bar. Do you see that little green lock? That’s encryption, and it’s been keeping your credit card details and your passwords safe from prying eyes for years.
So next time you hear someone mention a backdoor, or even a front door, read it as, “We want a super-secret, really big number that we promise to keep super-secret.” Then laugh, because now you know that if that super-secret number ever gets lost, we’re all in for it. Criminals will have the keys to the kingdom. And that super-secret number will get lost. It’s the government, after all.
Here, as promised, is my bank password: Enjoy it.
—–BEGIN PGP MESSAGE—– hQEMA8U6m0wF95yNAQf9EwWkSiOYjUXlplE9TlX5auG2TJ8Ewfpr7FgXLW70tngw 9Rh6U+Uv7pRmn8jrepmUI/sk8neOcTVRHGzMIEXg2Duxju9DU/nT5Zfv3QD2PQAM opkQMc5L/vGHJhq+t1EXpn/nEhimK0YBZnYOWs96P2onf0BaDKrJOzYouTU0SVUP cRvmg2yuH48d2gOSJFm2kqAWEClRZpcx9znwBxxxX2tu+0yp/ZbMCY3g/SOkACrh +TJsRlCCYYJz69WdJtrK/HtyT613BnUyPnMZb/5bsYzc/yWvaTd3lXwrIuHsz82c 6y5IEWM7uiyVYiXJaSSd3zxzOq8KolZ//5Gbshq/B4UCDAMAcEZ6M6graAEP/2i4 s8KngyvDBKlF5p2R1SyzYizfVw5aZqJ4V1NL7QLi8e8/AbBvTjW9yPlPnqH3vnSd n9GSzOMUF/200P31td1ckYDHd2VGPSA3wK8IijEk/A4gW+7l6vEQy5k+PECLEg72 MMspTZ6XESKKe4sFp5EVoOFLhxSvszDjqhXgsDXKL/ukDHwmtUv42V6j9TfhEZjG jIgg4P7retYn/sFyCbT1y/mLRmrXfsotS2XhNvA8FJL3f8rgBC/wd1R3gN08QIzh R2gSlywPiYQAPATaJ9e2dMfSvZX/yPpOtpEIyWmkL8YzcosI6UnbEQBWX/cpiCpi hSM4EP+Us8ou+X65nRM63ayPn4vx7GnRJozUMzO206BR23F2vgy7NengLIG6RcxY EO/2/+XKzrHPvltvni+iVHiR5i2t1cwNeOitqAQCPBFAlIYTJns3hynQ8tyDN9Fu toqyO3JLt8SxihQ/75yaPb6Gv9dHKids8PPQaIXdd32bMiDVr+Nnw59FRzdKHSTl Mt+08xdEP/xNB6vFTypLp4NCfW1gjpPc/ft6+ZpjOmC4ydG5wPrYq0hZ6dLW1P70 9Ht98DumHnTfAtsLp+TMvAbOZwgPvfEc/RUZulvIKYcdIJik1jxtmd6o7hTJeuOW h6WEieeYJgHhToSi5JkJgwU4pwknI1SIPpJ6iCFxhQIMAyjnI65ZV691ARAAqXuO qhzgO2wgPWUsyKBMVK3TiMqMTyevCetos2TWY/lrE5M+I07hKHETsZzxQnm+Rdu0 4bvNdiXLotQ8CfsnPevTnJjobT63XU5xc7NJKoVvf4gaX593WlL9wd/urG5flktm GgjfOvsAUiK8V9Cdg+RMkjvUUHStjiIUsLb2SIhvZ8s8ld5qeXIF9vlJa3YUb2/j FWcRqO4Hva6Fbx5Gpp3GNxdJh0km50EQlQg+pVAYyA25PrQbaaKa+2mAu9giTINo fm5CH5MUQ5g0exU/nv7JKjNZ3S46wLznurCsxWQD00W0bYMs0kZCCFWkU9Fv+y4g rwg1VHLmleTZwlOaXXfE/8ufaetK0QBjcy0y3k0byY0IlCT61UrMX/zTUGph3UVX lH0F2Op+uQ7zDSEaIp6P2qnpIMLQbf1PHD9OO+7f5bFpFBcK41I/vJGrpZsg8f8F RivKgOFIjPB5enB4847tr/AYafYduoxzHUunXeegXN8h45dolC1xSrhL7pHEyLfM 8S//yphyIrUe5bXF2qZS2Wsk3E8ham5tD4c2Hb7W3rTOLgG2p/r2to8boJkRQ8On uvzNkQXHwI5tZRNIUOPP/XqdhudDMWGXXbNSttZDVjZ5+3OLqM0bQ03sFZbqlob8 0AOUgj0QlgfPNMtA5e9LPrDRuTmD5Kup2oRcuHjSRAEl8iMryZhCFPV2P0+nQuJF tIo6opefJEobtRZ63nLmmNxWb14vmjW5srX9HHjIJ7KxzPRusbQPgHm6sxLyEFyH PoTa =swiM —–END PGP MESSAGE—–