Electronic Privacy? There's No Such Thing
You will never be secure if you labor under the delusion of privacy.
Mon, October 28, 2013
Computerworld — Most people suffer from the delusion of privacy. They think it can be guaranteed somehow for their various electronic gadgets. But that is a delusion, and sadly even many in the information security field don't know it. Still, it's surprising how strong the desire to believe otherwise is, and how tech companies will sometimes try to feed that illusion.
Take the news that the encryption in Apple's iMessage can potentially be cracked. I was surprised, but not because the encryption could be cracked. That's a given, no matter the encryption algorithm. I was surprised because I didn't know that iMessage used point-to-point encryption. I just assumed that Apple could always read my messages. Call me uninformed for having missed that news, but what I think is that I was actually better informed than those people who saw Apple's promise that it couldn't decrypt iMessage traffic and let the delusion of privacy lull them into thinking that was really true. Believe me, we'd all be better off if we just acted on the theory that there is likely to be a back door every time.
Don't get me wrong. The fact that iMessage uses encryption is refreshing. Such encryption will do a lot to protect most of us in most of what we do (but more on that later). What is not refreshing is that Apple at best implied and at worst misrepresented that its encryption was uncrackable. Any computer professional in this day and age who thinks that any form of electronic communications is completely secure really doesn't know his profession.
OK, I used to work at the National Security Agency, where I was taught that there is no such thing as unbreakable encryption -- just encryption that is strong enough. We used a relatively easy-to-describe formula based on how long information needed to be kept secret. For most time periods, you could come up with an encryption method and algorithm that (supposedly) couldn't be broken for that amount of time.
Using that rule of thumb, you could use relatively weak encryption for plans for a military battle that would happen within a week, but encrypting satellite communications would be trickier, and a lot chancier. After all, a satellite has a long lifespan, and meanwhile down on Earth, there will be exponential computing advances making it easier to break any encryption algorithm used. Complicating things, a satellite's hardware couldn't be replaced (unlike, say, the gear for naval communications). You would have to use encryption that is well beyond what is considered state of the art. But the NSA would never tell itself that the advanced encryption had solved the problem and guaranteed that the communications would be secure. It realizes that even state-of-the-art encryption will inevitably be broken. You just had to hope that, by the time it was broken, nobody would care about the underlying data.