Ricochet is the best place on the internet to discuss the issues of the day, either through commenting on posts or writing your own for our active and dynamic community in a fully moderated environment. In addition, the Ricochet Audio Network offers over 50 original podcasts with new episodes released every day.
Decoding the Encryption Debate (Bonus: My Bank Password!)
This isn’t a commentary on the Apple case. I’m not following that very carefully. I’ve been frustrated for quite some time by silly encryption talk, and it’s just now boiling over. So I’m going to share, in layman’s terms, what modern encryption means and how it works. After that, I’ll explain why the encryption debate is like a bad joke gone too far.
Politicians, Republican and Democrat alike, frame the conversation in a completely misleading way that exploits the public’s ignorance of the underlying technology. I pray this is just a result of their own ignorance, and not a more cynical, informed duping of the American public.
Washington seems to treat encryption like Democrats treat guns. They think it’s controllable, can be regulated, and will somehow stop “the bad guys.” We, on the other hand, know there’s no stopping the inevitable. Better that the good guys have access, too.
So, what is encryption?
Modern encryption is based on something called RSA encryption. RSA stands for Rivest, Shamir, and Adleman, the three brilliant mathematicians who discovered a truly beautiful mathematical insight, one that keeps our credit cards safe, our passwords secure, our health records confidential, and our correspondence private.
Before we dive into RSA, a short recent history of encryption. Until RSA, the best encryption methodologies were just exceedingly complex cipher machines, or one-time pads. You may be familiar with a simple cipher from a puzzle book. For example: “A becomes P, B becomes N, etc.” The famous German Enigma machine added complexity by changing the letter mappings each time a letter was keyed into the machine. (Note that it did this in a predetermined way.) The key to cracking the Enigma code was figuring out the initial mapping; from there, if you knew the pattern in which subsequent mappings changed, you could decrypt any intercepted message. In tech lingo, if you can decrypt a message with the same information used to encrypt it, it’s symmetric encryption.
Even older than the Enigma, and more rudimentary, is the one-time pad. In a sense, it’s a cipher as well. Even though it’s older and lower-tech, to this day it remains, under the right circumstances, the only truly unbreakable form of encryption. The key is “under the right circumstances.” More on that later.
A perfect one-time pad is a series of truly random numbers (true randomness is really hard, if not impossible, to get). The person sending the message has one copy of these numbers; the recipient has the other. The sender uses these random numbers to translate his or her message letter by letter, usually just incrementing each letter by the corresponding number. After the pad is used once, it should never be used again. Hence the name one-time pad. If it were to be used again, an attacker could infer the original numbers from their repetition.
Like the Enigma, this is symmetric encryption; that is, the material used to encrypt the message is used to decrypt the message as well. If ever the pad is lost, stolen, or intercepted (worst case), the system fails completely. The beauty is that if everything goes completely according to plan, the one-time pad is the only known method of perfect encryption. Unfortunately, it’s quite difficult to get real randomness, and very hard secretly to get the same pad to both the sender and receiver (this is the clandestine work of spies, dead drops, and tradecraft).
So it’s already clear that these methods are already available to good guys and bad guys alike. Nothing the government could do would stop the spread of these forms of encryption. There’s absolutely no back door to a one-time pad, short of seizing property and Orwellian eavesdropping. Things would still slip through.
Back to RSA. It’s foundation is a simple observation about factoring numbers (as in, the number 6 has the factors 1, 2, 3, and 6). While it’s easy to factor small numbers, it gets exponentially more difficult to do as the numbers get larger. In fact, it gets so difficult that if it’s a reasonably large number, the best-known algorithms for factoring would need to run through more iterations than there are atoms in the universe to solve it.
You may think, “Well, of course, but that number would need to be enormous, right?” But don’t forget, the problem is exponential. The number really doesn’t need to be all that large. To put it in perspective, this post would take up more space in a computer’s memory than that number.
So it’s time-consuming and hard to find factors of a big number. So hard that even the NSA and their supercomputers probably couldn’t find them in any reasonable amount of time.
What about going the other way? Well, the most beautiful thing about this system is that going the opposite direction is actually really fast. If we already know two of the factors, it’s quite easy and speedy for a computer to multiply them to get the large number.
Using all these numbers and a dusting of mathematical sorcery, it’s possible to come up with two random really big numbers. One of those numbers works kind of like our friend, the one-time pad. Instead of using the numbers to map letters, like A -> P, we do it a little differently. First, every letter in the secret message is assigned a number. It can be really obvious, too, like A -> 1 and B -> 2; it doesn’t matter. Now our secret message is just a really big number, too! What can computers do well with really big numbers? Multiply them. The product is our encrypted message.
You can send that to whomever you wish. But only the person with the other original random number can decrypt it. In tech lingo, that’s the private key.
This, as you may have inferred, implies a public key.
The public key is the number we combined in our secret message. Because it’s so difficult to factor large numbers, I can confidently publish my public key in tomorrow’s paper. You could take that number, combine it with a secret message, then post it here on Ricochet for all the world to see. I would be the only one able to decrypt it with my private key. This is known as asymmetric encryption because the material needed to decrypt a message is not the same as that needed to encrypt it.
I know it’s a lot to wrap your head around, but trust me when I say it’s based on relatively simple mathematics. It amounts to something so damn near unbreakable that it’s not even worth trying to crack. By the time anyone gets close, we’ll all be six feet under. In fact, I’m so confident of this that I’ll give you the password to my bank account in the bottom of this message. It’ll just be encrypted using my public key.
What does this mean for the so-called encryption debate?
Well, there isn’t one. It’s purely about an invasion of your typical citizen’s privacy. Unbreakable, strong encryption is so readily available to anyone who wants it that it won’t stop a terrorist or a dedicated crook for a minute. When the US first tried to block the export of encryption technology, computer scientists copied the source code of an encryption library into an academic paper and published it in an academic journal. It all just boils down to simple math.
If you think these things don’t apply to you, please look up in your browser’s URL bar. Do you see that little green lock? That’s encryption, and it’s been keeping your credit card details and your passwords safe from prying eyes for years.
So next time you hear someone mention a backdoor, or even a front door, read it as, “We want a super-secret, really big number that we promise to keep super-secret.” Then laugh, because now you know that if that super-secret number ever gets lost, we’re all in for it. Criminals will have the keys to the kingdom. And that super-secret number will get lost. It’s the government, after all.
Here, as promised, is my bank password: Enjoy it.
—–BEGIN PGP MESSAGE—– hQEMA8U6m0wF95yNAQf9EwWkSiOYjUXlplE9TlX5auG2TJ8Ewfpr7FgXLW70tngw 9Rh6U+Uv7pRmn8jrepmUI/sk8neOcTVRHGzMIEXg2Duxju9DU/nT5Zfv3QD2PQAM opkQMc5L/vGHJhq+t1EXpn/nEhimK0YBZnYOWs96P2onf0BaDKrJOzYouTU0SVUP cRvmg2yuH48d2gOSJFm2kqAWEClRZpcx9znwBxxxX2tu+0yp/ZbMCY3g/SOkACrh +TJsRlCCYYJz69WdJtrK/HtyT613BnUyPnMZb/5bsYzc/yWvaTd3lXwrIuHsz82c 6y5IEWM7uiyVYiXJaSSd3zxzOq8KolZ//5Gbshq/B4UCDAMAcEZ6M6graAEP/2i4 s8KngyvDBKlF5p2R1SyzYizfVw5aZqJ4V1NL7QLi8e8/AbBvTjW9yPlPnqH3vnSd n9GSzOMUF/200P31td1ckYDHd2VGPSA3wK8IijEk/A4gW+7l6vEQy5k+PECLEg72 MMspTZ6XESKKe4sFp5EVoOFLhxSvszDjqhXgsDXKL/ukDHwmtUv42V6j9TfhEZjG jIgg4P7retYn/sFyCbT1y/mLRmrXfsotS2XhNvA8FJL3f8rgBC/wd1R3gN08QIzh R2gSlywPiYQAPATaJ9e2dMfSvZX/yPpOtpEIyWmkL8YzcosI6UnbEQBWX/cpiCpi hSM4EP+Us8ou+X65nRM63ayPn4vx7GnRJozUMzO206BR23F2vgy7NengLIG6RcxY EO/2/+XKzrHPvltvni+iVHiR5i2t1cwNeOitqAQCPBFAlIYTJns3hynQ8tyDN9Fu toqyO3JLt8SxihQ/75yaPb6Gv9dHKids8PPQaIXdd32bMiDVr+Nnw59FRzdKHSTl Mt+08xdEP/xNB6vFTypLp4NCfW1gjpPc/ft6+ZpjOmC4ydG5wPrYq0hZ6dLW1P70 9Ht98DumHnTfAtsLp+TMvAbOZwgPvfEc/RUZulvIKYcdIJik1jxtmd6o7hTJeuOW h6WEieeYJgHhToSi5JkJgwU4pwknI1SIPpJ6iCFxhQIMAyjnI65ZV691ARAAqXuO qhzgO2wgPWUsyKBMVK3TiMqMTyevCetos2TWY/lrE5M+I07hKHETsZzxQnm+Rdu0 4bvNdiXLotQ8CfsnPevTnJjobT63XU5xc7NJKoVvf4gaX593WlL9wd/urG5flktm GgjfOvsAUiK8V9Cdg+RMkjvUUHStjiIUsLb2SIhvZ8s8ld5qeXIF9vlJa3YUb2/j FWcRqO4Hva6Fbx5Gpp3GNxdJh0km50EQlQg+pVAYyA25PrQbaaKa+2mAu9giTINo fm5CH5MUQ5g0exU/nv7JKjNZ3S46wLznurCsxWQD00W0bYMs0kZCCFWkU9Fv+y4g rwg1VHLmleTZwlOaXXfE/8ufaetK0QBjcy0y3k0byY0IlCT61UrMX/zTUGph3UVX lH0F2Op+uQ7zDSEaIp6P2qnpIMLQbf1PHD9OO+7f5bFpFBcK41I/vJGrpZsg8f8F RivKgOFIjPB5enB4847tr/AYafYduoxzHUunXeegXN8h45dolC1xSrhL7pHEyLfM 8S//yphyIrUe5bXF2qZS2Wsk3E8ham5tD4c2Hb7W3rTOLgG2p/r2to8boJkRQ8On uvzNkQXHwI5tZRNIUOPP/XqdhudDMWGXXbNSttZDVjZ5+3OLqM0bQ03sFZbqlob8 0AOUgj0QlgfPNMtA5e9LPrDRuTmD5Kup2oRcuHjSRAEl8iMryZhCFPV2P0+nQuJF tIo6opefJEobtRZ63nLmmNxWb14vmjW5srX9HHjIJ7KxzPRusbQPgHm6sxLyEFyH PoTa =swiM —–END PGP MESSAGE—–
Published in Culture, Domestic Policy, General, Science & Technology, Technology
And your public key?
Gabriel, thank you for the well-written, well-argued post. I submit that this is a few typos away from a front page post.
—
“Encryption is far too important to be left in the hands of the government.”
(Schneier?)
Gabriel, very interesting and clever. Very much like!
Great piece!! I was a cryppie (as they are called) in the Navy. I never got anywhere near this far into the gig, but I find it wonderfully fascinating. By the way, thanks for the bank info….;-)
I agree with your post. The real argument here is not about encryption, because as far as I know, once encrypted in a good public key encryption system, (not all qualify as good) it is very likely no-one except the private key holder can with finite resources crack the code. And even if they did, at immense cost, in time, resources, and money crack that message, the next message starts the problem all over again, so they get hopelessly behind. If it takes a month to crack one message, what can you do with a trillion messages per day, continuing? Not much.
No the argument isn’t about encryption, its about creating a back door, or another private key to not just one user’s encryption, but to everyone’s, oh and by the way, it likely won’t work to create back doors into only some accounts (the truly bad guys, trust us, we are the government at we are here to help you!) but that door will have to exist into everyone’s account, so when the bad guys get it, and they will, no ones encryption will be any good. Side question, can we believe the government is a “Good Guy” Human history suggests that is a bad bet.
One immediate problem with this, once it is known that such a door exists, any sensible person will use someone else’s encryption system, say not made by our favorite American company, who has been coopted by our friendly government, but rather by some other company, foreign, so not subject to our law, and because our government will then ban the use of non-approved encryption, read encryption lacking the back door, all lawful citizens will be left with only the risky, bad idea, government tool, and all the bad guys will get their non-back doored system from their own in house, bad guy techies.
Result, criminals will have unbreakable good encryption and the rest of us will be stuck with government issue eye-candy.
Government predictably will try progressively tougher restrictions to keep control, they will fail, or they will transform the first amendment into a joke, You have freedom of speech, as long as you get it approved by you favorite, local bureaucrat.
Welcome to newspeak.
What bank do you use? What is your username at the bank?
Great explanation. But, how does all this Chinese hacking occur (or any hacking for that matter?)
Failure to protect keys. Failure to close other routes in. Failure to use no-kidding encryption and rely instead on “kid-sister” encryption, which is mere obfuscation.
Most “hacking” that you read about is people guessing weak passwords. Frankly you should be ashamed, not proud, if you guessed a “0000” pin or P@ssw0rd!
A few points:
Great job. It is posts like this one, both helpful and fascinating, that make Ricochet so valuable and amazing. Ricochet is the best deal on the internet. I now have a much deeper understanding and appreciation for Apple’s position in this matter.
If Apple creates the backdoor wouldn’t the tech community, not being onboard with this at all, make a super secure version of android, and then the true baddies would just download that version. Then the government has no throat to choke.
And do we start a pool on how long this super secret special OS version not end up on wikileaks?
https://github.com/gabesullice/public-keys/blob/bc5af25045616c6e8e1d70553f6eae10a056e25f/galaxy.gpg.pub.asc
Wells Fargo. I’ll leave my username to simple social engineering ;)
@M.P. We mostly agree, and let’s suffice it to say that my post is a vast simplification. As I said, “Layman’s terms.” I also did open with saying that I’m not directly commenting on the Apple case. I don’t know enough about it to speak intelligently.
I can’t help but indulge you a little bit though ;)
To you PGP point: I think one of the downfalls of PGP is its flexibility and huge set of options. There’s many ways to use it and thus it’s not easily accessible to most people.
To your point on TLS: Yes, it relies on central authentication, but all encryption is based on some form of trust. With TLS, that trust is established and derived from the same mathematical underpinnings. Once trust is established, TLS then uses a Diffie-Helman key exchange to agree upon the symmetric key using the math I described again so that the symmetric key is only known to the sender and receiver. Much like a one-time pad.
There are lots of “attack vectors” that a hacker can use. The simplest, and often most effective is “social engineering.” That happens when an attacker uses our human instincts against us. Like guessing a password based on birthdays or names. It might also look like leaving a flash drive somewhere in the open labelled “Family Photos.” A less paranoid government worker might be curious and put that flash drive into their laptop, injecting a virus.
Then, there’s “brute force.” That means trying many, many passwords until you find a match.
You can also attack someone via software. For example, that virus loaded from the flash drive might try to steal someone’s private key off their computer.
Another is through software bugs. There have been a number of big flaws found in one of the software implementations of RSA, openssl. Those bugs usually “leak” information. That may be by leaking parts of the private key if you’re computer is talking to a computer controlled by an attacker, or by incorrectly “padding” secret messages. That is, and this is a simplification, if your message isn’t large enough, you still want a “really big number” so one should try to generate random garbage to fill that space up. If you do that in a predictable way, one can start to discern what the private key may be.
I’m not referring to the cryptographic aspects of TLS, but rather the Public Key Infrastructure. The PKI is horribly flawed because it relies on centralized Certificate Authorities vouching for the identity of a particular site. Since at a practical level, any CA can sign a cert for any domain*, this means every CA has enormous power.
Now, consider that the U.S. government and Chinese government, among others, have CA certs that are recognized by most browsers and you get to the root (ahem) of the problem: any CA can impersonate pretty much any site and stage a man-in-the-middle attack. So you might think TLS is securing your connection to your bank or webmail provider or what-have-you, but it’s quite possible the connection has been compromised by someone with a CA cert. (e.g. the Feds or the Chinese government)
(*There are some rudimentary methods of protecting big sites like Facebook and Paypal by hard-coding their certs into the client. This was started by Google with Chrome and Firefox does it, too. However, it’s not a really scalable or universal solution to the problem of rogue CAs.)
Seriously? That is all you have in those accounts. After seeing the state of your finances I just do not have the heart to take your money.
Agreed.
And I thought software paid well ;)
Unrelated to encryption, but related to personal security, what is your suggestion for Password storage. Every thing I log into has its own password and log in. A piece of paper next to my desktop is not a great solution. Is there a good solution that is mostly secure that is cross platform? I just cannot remember every log in and password for everything I log into.
Bryan
Building on the title, frankly, I’d love a secret decoder ring I wore that worked with a password for it, so I had one password that I remembered and it stored the rest.
By the way — you “pray this is just a result of their own ignorance, and not a more cynical, informed duping of the American public.” I sort of pray the reverse: Don’t you find it comforting to think maybe they’re just pretending not to understand this? That they’re more competent than they sound? I don’t know if I could sleep at night if I thought they really had absolutely no idea how any of this worked.
I personally use pass (passwordstore.org), but I wouldn’t recommend it for a non-technical person. For the average consumer, 1Password and LastPass are great tools. Essentially they will let you create random, secure passwords for every site you use. They encrypt and store these for you and you simply need to remember a single password to unlock them. Both have plugins for most browser to pre-fill login forms on the sites you visit as well as iPhone/Android apps to do the same.
Using those, your phone becomes your secret decoder ring! Just promise me that you’ll use a pass phrase for you “password of passwords.” E.g. A pass phrase like “jumping yogurt horse wing” is a lot better than “987u3frae**”. It’s easy to remember so that you will NOT write it down and it’s actually quite a bit longer, making it more secure against a brute force attack.
Not when they’re advocating breaking and limiting access to strong encryption. If they’re just ignorant, they might be convinced otherwise and experts might prevail. If they know what they are talking about, then they’re actively deceiving the American public with ill-intent.
Hey Gabriel what’s your home address. We’d like to try a rubber hose attack…..just kidding great article.
Encryption is a fact of our technology. Since most people hear the word “computer” and zone out, I’m fine with public officials not understanding how it works.
Just so long as they leave it to the people who actually know what they are doing.
Thanks for the reminder. I heard that early on and forgot it.
Gabriel, have you messed with keybase.io?
The explanation for the above is as follows. If you have 26 letters you can choose to make a password, you have 26^n possible passwords, where n is the number of keys you press to get your password. If you expand that to the special characters, the 10 at the top of your keyboard, you have 36^n possible combinations, but they are now harder to remember.
If you pick a short password with special characters, let’s say 10 characters, you have 36^10 or 3656158440062976 possible passwords. If you pick a longer password, 20 characters, but stick with easy sets of words (ideally 4 or more words to prevent dictionary attacks), you get 26^20 possible passwords: 19928148895209409152340197376.
A passphrase like above, “jumping yogurt horse wing” has 26 characters, out of a set of 27 (lowercase and spacebar). 27^26: 16423203268260658146231467800709255289 possible passwords. “987u3frae” is from a set of 46 (numbers, special characters, and lowecase letters), and is 9 letters long. 46^9: 922190162669056 possible passwords.
One of these is harder to discover by guessing.
I use an algorithm, so each site has a unique password and it is never written down.
I secure my passwords using a program called KeePass. My password file is secured with both a certificate and a strong password. I’m confident enough in it that I store my password file in the cloud so that I can access it from any device. I prefer this to using cloud services. My reasoning is:
I’m far more concerned that one of my devices will get compromised than I am that the encryption will be cracked.
Exactly this.
I also use KeePass. The application will also run off a USB drive without having to install, so you can keep your decoder in your pocket.
Bryan, here is your decoder ring.