Cyber Security

Should we Ban Crypto?

With the recent terror attacks in the UK and the very real chance of more terror attacks to come, everyone is looking for a way to make this stop.  One of the ways to do this is the ban cryptography.  Another, is to allow cryptography, but give the government a special key to unlock it.  Both of these methods would allow all communication to be seen by the government, stopping the terrorists from communicating secretly. Many people see this as the software solution to the terrorist problem.

Crypto Conundrum

This is an understandable reaction to the horrific images that come to us each day on the Internet and the Television.  The conundrum is that cryptography is now what makes most of the world safe, and by breaking it, you break most of the Internet.  Let me explain further.  Currently cryptography is what allows you to bank online, to buy things from Amazon, to rent movies from Apple, to send information to your doctor.  Without cryptography, then you can’t put in your credit card into a website without it being seen by everyone.  Going back to not buying things online seems like a step backwards.

Why then don’t we just give the “secret keys” to the good guys.  This way only the government can look to see what you are doing.  I have nothing to hide, so why do I care if they see what I am doing.  There are two reasons you should care.  If the NSA can’t keep their data safe, do you think another department is going to keep these keys secret? We have all heard of the hackers who stole the NSA tools and the US Office of Personnel Management data. What would make another department in the government safer?  Once a backdoor is enabled in software, it will be the first thing criminals go for.  Once they have that, they will have the keys to the kingdom.  Also, it means that anyone who works for the government or anyone that can bribe someone who works for the government, can have full access to your data.  How much are the keys to the kingdom worth?  Some might pay a lot of money for them.

While I do think we should be doing something to try to prevent future terror attacks, I don’t think banning cryptography is going to fix it.  There is no realistic way to allow backdoors into a secure system and still keep it secure.  By allowing the backdoor, you allow vulnerabilities that can and will be exploited.  By blocking cryptography, you will make people less safe, and the terrorists will just use different tools to secure their data.