Business Unusual

Who should be allowed access to your encrypted data?

Following the deaths on Westminster Bridge in London on 22 March and the news that the attacker had used WhatsApp minutes before the attack began saw the UK Home Secretary call for access to encrypted messages to be made available to authorities for occasions that justify it. It is not a new call and many other agencies around the world have suggested the same.

It seems reasonable, but misses the basis of how and what encryption seeks to do. No encryption is totally secure (quantum options come the closest though). However, creating a backdoor, in effect, renders the entire system insecure.

Confused? Here is how it works...

Our privacy is safeguarded with security measures. These include physical security like a fingerprint scanner or with access control like a password. Then there is data stored on a device or the contents of a message that is transmitted. This is where encryption comes in.

You could encode your message using a cipher to change the contents in a specific way.

Consider “Safe” is our message and our cipher was to replace each letter with the next in the alphabet which makes it “Tbgf” - it is meaningless unless you know how to use the cipher to decode it.

Using a code as we did here is also not very safe. Should it be intercepted someone could try many codes until it made sense. Computers are capable of testing many types of codes very quickly to, in effect, crack it.

Encryption limits access to the contents of a message using a formula for an equation.

There are two parts: the “public key” which is the means to create the equation and the “private key” which is the only one that can solve it.

The means to create the equation is shared with anyone, which allows a message to be encrypted, but only the person that created the key pair will be able to decode it.

Encryption as is used by services like WhatsApp uses the two keys, a public and a private key, the two parts of the equation.

When you wish to send someone a message, WhatsApp encrypts it on your phone using the public key for that message. It can’t be directly unencrypted because it is a number equation that is practically impossible to solve by testing possible options.

A very simple version would be to consider the number “15” as your public key and the equation “3x5” as your private key (they are typically prime numbers), it is easy to see that 15 is equal to 3x5 which unlocks the file.

The actual numbers are much bigger, hundreds of digits long, proving them is easy, solving them is very hard (if you are a regular of Business Unusual, you will recall how the blockchain uses a similar technique).

So how would a backdoor work?

Strictly speaking if a backdoor can be created, you enable another way for anyone to workout how to decrypt that file.

Authorities would like to think they could keep that method safe, but given how many people would need to get access to it, and that it existed would be public knowledge, the system could be compromised and rather than increasing security, you effectively remove it.

The error occurs with our understanding of how locks and keys work in the real world. A lock can have more than one key, but that key can still only open that one lock.

If someone were to make a master key, you would need to make all locks the same way and that one key would open everything.

There is very little security in a system that allows for a master key, so authorities requesting a master key are not only not likely to make their citizens more safe, they are likely to make them more vulnerable.

There is a reason we should be calling for even more security because most users are unable to keep up with the functionality of their devices and this ignorance makes them more likely to be compromised by suspect apps, or people physically gaining access to their phone.

This is a basic summary of the issue and it does not address what could or should be done to limit the use of services like this by those that will break the law or cause harm.

There are no arguments to say people should not get access to cars because they could run people over because we understand the relative threat versus benefits cars provide. However, because most of us have a limited understanding of digital security it seems justified to believe the current solutions are practical ones.

So the best answer to the question posed at the beginning (who should be allowed access to your encrypted data?) remains, for now, no-one without your express permission.

702 welcomes all comments that are constructive, contribute to discussions in a meaningful manner and take stories forward.

However, we will NOT condone the following:

  • Racism (including offensive comments based on ethnicity and nationality)
  • Sexism
  • Homophobia
  • Religious intolerance
  • Cyber bullying
  • Hate speech
  • Derogatory language
  • Comments inciting violence.

We ask that your comments remain relevant to the articles they appear on and do not include general banter or conversation as this dilutes the effectiveness of the comments section.

We strive to make the 702 community a safe and welcoming space for all.

702 reserves the right to: 1) remove any comments that do not follow the above guidelines; and, 2) ban users who repeatedly infringe the rules.

Should you find any comments upsetting or offensive you can also flag them and we will assess it against our guidelines.

702 is constantly reviewing its comments policy in order to create an environment conducive to constructive conversations.

Read More
5 year-olds may never get a car licence

5 year-olds may never get a car licence

Cars might not only be autonomous by 2030, new drivers will probably not be allowed to drive.

The best way to listen to music is to hire it

The best way to listen to music is to hire it

The industry noted for being significantly disrupted by technology is getting its groove back.

Working from home or from the office, which is best?

Working from home or from the office, which is best?

We tend to have strong views on whether people should work in offices or remotely. This will help you decide.

Humans will be returning to the moon, but how will they be fed?

Humans will be returning to the moon, but how will they be fed?

The space race has typically focused on the massive rockets needed to get there, now we need to ensure there is enough to eat.

Defining the Earth we hope to see in 2050

Defining the Earth we hope to see in 2050

Asking what the world will look like in 30 years allows us to start doing what is needed to achieve it.

Bitcoin, Uber and GoPro - how the mighty are challenged - Part 3

Bitcoin, Uber and GoPro - how the mighty are challenged - Part 3

Becoming a world disrupting new technology is not the end of the journey, it may not even be the hardest part.

Popular articles
'Land restitution failed because Government is the biggest owner of land'

'Land restitution failed because Government is the biggest owner of land'

Bruce Whitfield interviews Finance Minister Malusi Gigaba's advisor Chris Malikane and Business Leadership SA's Bonang Mohale.

Winter blues got you down? What you must know about Seasonal Affective Disorder

Winter blues got you down? What you must know about Seasonal Affective Disorder

Don't brush off that yearly feeling or a seasonal funk. Here's how to help keep your mood and motivation up throughout the year.

So what exactly is radical economic transformation?

So what exactly is radical economic transformation?

Wits associate professor of economics Christopher Malikane speaks to Azania Mosaka about the term that is being bandied about.

ANC MP Makhosi Khoza writes about "leadership injudiciousness" in the party

ANC MP Makhosi Khoza writes about "leadership injudiciousness" in the party

Concerned ANC MP Dr Makhosi Khoza writes a heart felt Facebook post detailing immoral leadership and personal challenges.

It's not the end of the road... Top tips to improve your matric

It's not the end of the road... Top tips to improve your matric

"Recognise that it’s not the end, it’s the beginning." Expert advise for school-leavers who want to improve their results.

NSFAS to reopen 2017 applications

NSFAS to reopen 2017 applications

National Student Financial Aid Scheme says it will reopen 2017 loan applications after receiving requests for deadline extension.

'Collect experiences, NOT possessions!' - Paul Theron (Vestact MD)

'Collect experiences, NOT possessions!' - Paul Theron (Vestact MD)

Bruce Whitfield interviews the razor-sharp tongued Vestact MD Paul Theron about his money hopes, fears, successes, failures, etc.

3 easy questions could bag you R2000!

3 easy questions could bag you R2000!

WIN R2000! But only if you can prove you're a whiz of the MTN Biz Quiz by answering the following three questions...

Blesserfinder: Matching you with a sugar daddy near you

Blesserfinder: Matching you with a sugar daddy near you

Is social trend Blesserfinder, where girls are allegedly matching up with rich 'benefactors' in exchange for sex, a real thing?

5 reasons why the tourism industry is sceptical about the latest numbers

5 reasons why the tourism industry is sceptical about the latest numbers

The tourism industry is questioning the veracity of the surprisingly upbeat tourism figures and the timing of their release.