Every now and then some politician, leader, or other Person-Who-Hasn’t-Quite-Bothered-Looking-Into-It argues that we would all be safer if we would just weaken encryption. A common argument is that this is necessary so that police can intercept encrypted messages sent between Bad Guys.
The idea behind this argument is familiar to anyone who has ever seen a cop show on TV. The police stake out the Evil Lair, sitting in a van listening in on the evildoers’ phone conversations, and manage to get incriminating evidence that is then used to put them behind bars.
If using messaging apps were more like making a phone call, then this whole messing-with-encryption situation wouldn’t be all that problematic. Unfortunately, the situation is very different.
Popular messaging apps like WhatsApp, Telegram, Signal, etc. use something called end-to-end encryption, which means that the messages you send are encrypted on your phone and decrypted on the recipient’s phone. Significantly, during their travels through the Internet, these messages are encrypted.
One way of getting at messages one wants to intercept would be to force the app to weaken its encryption. There’s no way of making encryption easy for one party (like the police) to break, while remaining impossible for another to break. So one would have to weaken the encryption of all messages – those sent by both the Good Guys and the Bad Guys.
We could give the police really powerful computers that could break the (weakened) encryption. Unfortunately, we couldn’t stop others from also getting hold of really powerful computers and thus being able to eavesdrop on all our communications.
Another option sometimes discussed is adding something called a backdoor. So in the example of using messaging apps to communicate, there would be a backdoor – a secret way in – that would allow police to get at the messages in unencrypted form.
There’s nothing wrong with the idea itself – the same way police can apply for a permit to eavesdrop on phone calls, they could apply for the right to use the backdoor when needed. The problems arise when you try to implement this in practice.
The problems are similar to those with weakening encryption: there’s no way of designing a backdoor so that only the police could use it. If all of us had to hide keys to our homes under our Welcome mats, in case the police ever needed to get in, there would be no way to guarantee those keys would only be used by the police.
Sure, we could (and would) try to keep the backdoor a secret. But even just looking back to very recent events, like that whole business with the Shadow Brokers, we can see that secrets have a way of leaking. And then everyone would know where our keys are hidden.
The main problem here, and something we can easily misunderstand based on watching TV cop shows, is the difference between intercepting a phone call and intercepting messages sent with messaging apps. It is possible to restrict eavesdropping access to only one or a few phones. But it isn’t possible to weaken encryption on, or add a backdoor to, just the phones of Bad Guys. The app they use is the same one you use. Either all of our communications are safe or none of them are. Either we can all lock our front doors or none of us can.
Weakening encryption (or, as the more Crazy-For-Coco-Puffs have called for, outlawing encryption altogether) would make all of our communications less safe. But it would also make basically anything we do online less safe, including online banking and shopping (see e.g. an earlier post on HTTPS).
Bad Guys are scary. A world without encryption is scarier.
As with every other topic in this blog, smarter people have covered this before me. Check out “When is ‘not a backdoor’ just a backdoor? Australia’s struggle with encryption” by Robert Merkel or Tom Scott’s YouTube video “Why The Government Shouldn’t Break WhatsApp” for a more in-depth take.