Encryption Ensures Privacy

Encryption techniques are mathematically designed to be uncrackable, at least in an amount of time that relates to the value of the secret. This means the time and computing resources needed to successfully attack the encryption will cost more than the attacker is willing to spend. More computing power means less time. If it takes ten thousand years to crack the encryption, the value of most secrets will have expired in that time.

If the encryption algorithm is in fact not crackable in a reasonable amount of time, the attention turns to the key selected for encryption. If the key is short and simple or uses a flawed random number routine, it may be cracked or guessed. If the key is “robust”, it will not be solved in a reasonable amount of time.

A good encryption process with a good key is not reasonably crackable. The information being protected by good encryption is safe and secure. This is by design and is usually proven mathematically before an encryption algorithm is approved for secure use.

The idea that encryption is easy to crack is false. Poorly implemented encryption schemes may have flaws or weaknesses in them. Encryption schemes may have “back doors” embedded into them that create flaws or weaknesses. But this is usually only possible with proprietary encryption schemes. Public encryption schemes are available for scrutiny and testing to confirm their level of security. Any weakness, flaw, or embedded backdoor renders the encryption scheme not trustworthy and of little practical use for security.

The idea that national security demands backdoors in all encryption schemes seems moot. Any attempt to do this builds obsolescence into the encryption, allowing competitive products to dominate the market. A legislative effort to weaken encryption for the purpose of enabling decryption by law enforcement would have to outlaw all strong encryption in all products and the use of any products with strong encryption in them. This does not seem practical and would only result in criminals using more secure products than the general public.

When a criminal defendant prefers to not reveal a secret, it may be possible to attempt to compel them to reveal the secret with increasing levels of penalties. The same is true of compelling a criminal to produce the key to a safe or the key to encrypted information. But when the criminal is not motivated by the penalty of death, there is no means to compel the release of the key.

Comments are closed.