The continual march of technology is as relentless as it is inevitable, both productive and destructive. Above all, changes in technology — in what is possible — force us as a society to question the principles and assumptions which we had previously taken for granted. In particular, I would like to look at encryption and the challenges it poses.
Encryption is not a new technology. The Caesar Cipher, named after Julius Caesar, was a simple substitution cipher which substituted a letter for another in the alphabet. (In the case of Julius Caesar, a letter was substituted for the letter three places later, e.g. A→D, B→E.) Although this scheme allowed easy encoding and decoding of messages, anyone who intercepted one of these messages would have no trouble discovering what the original message, the plaintext, was. Anyone who has played Cryptoquip can attest to this simplicity.
The major shortcoming of the Caesar Cipher, and most of the encryption schemes which followed, is that the ciphertext, that is, the text after it has been encrypted, is vulnerable to statistical analysis. Letter frequencies in English are not random: in most text, E is the most common letter, followed by T, A, and O. As a result, without knowing anything about a text, guessing that the most common letter will map to E is a fairly good guess.
Statistical analysis was also the downfall of the Enigma Machine, the Nazi machine used during World War Two, (over-)dramatized in the Imitation Game. The ciphertext resulting from the enigma machine was much more sophisticated than previous encryption schemes: a letter could map to almost every other letter. So, for example, pressing “A” five times might result in “BDZGO”. (You can try out the machine yourself here.) The only letter that “A” would never map to is “A”. Changing the configuration of the machine allowed for thousands of possible encodings. The original configuration of the machine, the secret key used to encode and decode a message, changed every day. In Nazi submarines, keys were printed in water-soluble ink to prevent enemy recovery.
The Enigma and its failures are fairly well-known in popular culture. Far less well-known is its Soviet successor, the Falka, introduced in 1956, which fixed the Enigma’s failures and was in use in the Soviet Union until its 1991 collapse. The Falka was far more sophisticated, and essentially computationally unbreakable, but like the Enigma, required the secure exchange of secret keys which could render the machine useless if discovered. The Falka pales in comparison with technology which solves this problem and would soon be available to everyone.
Consumer-grade encryption is a relatively new phenomenon. Encryption was typically reserved for governments, specifically the military. But in 1976, three computer scientists would change the world forever, allowing anyone with a computer to transmit a secret key securely. In their seminal paper, Diffie, Hellman, and Merkle describe a method for two people to share a secret key using modular arithmetic, and the Diffie-Hellman key exchange was born (sorry Merkle). This key exchange creates a secure channel, allowing any information to be shared without being read by a third party.
The creation of secure, seamless encryption available to the everyday person at zero cost is a game-changer. It fundamentally changes the relationship that people have with their government and other people, for better or for worse. In the past, no document was truly secure. Build a big safe, and a government could conceivably arrive and force the lock open, or cut through the walls. Breaking security was expensive, but not impossible. To prevent unfair uses of force, we used the idea of rights, due process, and the courts to check that power. Unfortunately, not all governments care about rights when they should, and criminals certainly don’t. The lock remained a deterrent, rather than a perfect preventative measure.
Modern encryption forces us to reconsider the relationship between rights, ethics, and government coercion, because make no mistake, there’s no going back. The new, encrypted reality has created an impervious lock, a scenario in which no amount of force can crack your safe open. This principle applies equally to criminals, dictators, and lawful orders from otherwise reasonable government. Society will never return to the day when the only thing standing between their information and the government is the law. Technology has added an additional barrier that no government can breach. This is the new status quo.
It isn’t without trying, however. During the Clinton administration, the NSA pushed the clipper chip as a means of allowing the US government to access information when needed, presumably with a warrant. With a clipper chip, each device would be manufactured with a unique key which was stored by the government in escrow. It bombed. Besides inherent technological vulnerabilities and risk of illegitimate surveillance, the US government could only require American companies to use the chip. This would put American companies at a relative disadvantage, and Americans were uneasy about adopting a system with a built-in spying mechanism.
The clipper chip quickly demonstrated a fundamental issue that governments face with encryption: it is impossible to create a system which is impervious to some, but not to others. Mathematically, encryption does not differentiate between a government serving a warrant and a criminal trying to steal your identity. Clipper chips provided an example of a system which is insecure to both: a warrant can easily be served, but there is also little to no cost for the government to potentially eavesdropping on all communication. Modern encryption is mathematically impossible to break for both lawful and unlawful entities.
A more recent and similarly brazen attempt happened in July 2019 when the government of Kazakhstan attempted to break the encryption on the devices of its nearly 19 million people. The Kazakh government asked users to install a government-issued root certificate on their devices, attempting to render their encryption ineffective and spy on all communications. In response, Mozilla (Firefox), Google (Chrome), and Apple (Safari) rejected the Kazakh root certificate. Mozilla cited it’s Mozilla Manifesto, stating
Individuals’ security and privacy on the internet are fundamental and must not be treated as optional.
So at least for the time being, encryption is protected by private organizations pushing back against government attempts to compromise it, resisting any attempts to create a “backdoor” in the system. The main tactic used by government officials seems to be to continue to confuse the issue, suggesting that the government’s problems with encryption can simply be resolved by putting enough smart people in a room together. During the 2016 Democratic primary, Hillary Clinton suggested a “Manhattan-like project” to make sure terrorists can’t communicate securely.
Of course the fundamental issue with any such backdoor system is who is allowed to apply the “terrorist” label. The United States has one conception of the terrorist. Saudi Arabia has another idea. Russia has yet another. One government’s terrorist is another’s whistleblower. Trusting any entity with the capability of breaking encryption for even one individual, even in the most idealized case, means entrusting it to any entity for the most unjust case.
There is ample reason to believe that the government cannot be trusted with this power. In October 2019, a court ruled that the FBI had violated the Fourth Amendment by illegally searching a secret database of internet communications. These searches, made without warrants, included the names, emails, phone numbers, and other personal information of American citizens. This type of search is typically reserved for investigating foreign nationals suspected of “terrorism”.
Ultimately, security is only as strong as its weakest point. An encryption backdoor cannot be protected against bad actors, whether they be international hackers, curious dictators, or overreaching members of the American security community. Nor has the US government made any attempt to open the opaque FISA court system to the normal criminal justice system, making public oversight impossible, and internal oversight less likely. Until such a time, extreme skepticism is warranted.