Wednesday 4 November 2015

A ban on encryption?

Our fragrant government is proposing to ban encryption. Or maybe it isn't; it depends on what you read and who you believe. But let's just consider the proposition, because there is no known limit to government stupidity.

One proposal is to "ban unbreakable encryption". Some people will tell you that there's no such thing, but for them, I have the following message: "J". This message is intended for just one person, and they know what it decrypts to, because we arranged it a while back. Now go away and don't come back until you've decrypted that "J" and can tell me the full text that it decrypts to. While you're doing that, google "one time pad".

Unfortunately, unbreakable encryption suffers from a serious drawback - key exchange. For a one time pad, the key length is as long as the message. You can get round this by giving your secret agent a pad of random numbers that he should use only once. That works if you're landing spies by submarine, but is not practical across the internet.

Instead, there's breakable cryptography. Strong crypto is very difficult to break; weak crypto is easy. An example of extremely weak crypto is the Caesar cipher: you add three to each letter to give the coded message. An example of strong crypto is DES.
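The difference between the one time pad and the Caesar cipher described above can be shown in a few lines. This is an added example, not code from the original post; the function names and the sample messages are constructed for illustration, and the pad is applied with XOR over bytes.

```python
import secrets

def xor_bytes(a: bytes, b: bytes) -> bytes:
    """XOR two equal-length byte strings (one-time pad encrypt and decrypt)."""
    if len(a) != len(b):
        raise ValueError("a one-time pad key must be exactly as long as the message")
    return bytes(x ^ y for x, y in zip(a, b))

def key_explaining(ciphertext: bytes, claimed_plaintext: bytes) -> bytes:
    """Return the pad under which `ciphertext` decrypts to `claimed_plaintext`."""
    return xor_bytes(ciphertext, claimed_plaintext)

def caesar(text: str, shift: int) -> str:
    """Shift A-Z letters by `shift` positions, leaving other characters alone."""
    out = []
    for ch in text.upper():
        if "A" <= ch <= "Z":
            out.append(chr((ord(ch) - 65 + shift) % 26 + 65))
        else:
            out.append(ch)
    return "".join(out)

def caesar_candidates(ciphertext: str) -> list[str]:
    """All 26 possible decryptions: the entire key space of a Caesar cipher."""
    return [caesar(ciphertext, -s) for s in range(26)]

if __name__ == "__main__":
    # Constructed sample messages, not taken from the post.
    real = b"MEET AT NOON"
    decoy = b"STAY AT HOME"
    pad = secrets.token_bytes(len(real))
    ct = xor_bytes(real, pad)
    # Every same-length plaintext has a pad that "explains" the ciphertext,
    # so the ciphertext alone says nothing about which message was sent.
    assert xor_bytes(ct, key_explaining(ct, decoy)) == decoy
    assert xor_bytes(ct, pad) == real
    # Caesar with the shift of three from the post: 26 guesses cover every key.
    weak = caesar("MEET AT NOON", 3)
    print(weak, "->", [c for c in caesar_candidates(weak) if "NOON" in c])
```

The pad only keeps this property if it is truly random, as long as the message, and never reused, which is the key exchange problem mentioned above.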

The only sort of ban that makes sense over the internet would be a ban on strong crypto; there's no point in banning weak crypto, and unbreakable one time pads aren't practical.

So could the government ban strong crypto?

Look at the URL of this blog - it starts with https://. That means that it's encrypted with the same crypto that is used for transmitting credit card data across the internet - strong crypto. End-to-end crypto. Anyone looking at what is in transit just sees gibberish.

Maybe you didn't know this, but when you access my blog, or indeed anything on the internet, your computer doesn't make a direct connection with the server. Instead, your computer makes a request, and that request is forwarded on along a chain of maybe a dozen computers, until it reaches the desired destination. The response traverses a similar (but not necessarily exactly the same) series of computers until it gets back to yours. And then it's displayed for you.

If a URL starts with http:// then all this happens in the obvious way. But if it starts with https:// then before the request is sent, the whole of the request is encrypted. Except for the IP address that's being accessed - that has to be in plain so that the forwarding process can happen. But everything else is encrypted until it reaches the target server, which then decrypts it, so it can work out what you asked for, and what it should send back to you.

Likewise the response - all the data that's sent back to you is encrypted in transit, and only decrypted by your browser when it arrives.

You can see why this is wise for credit card data; we don't want anyone in the chain of forwarding computers to be able to read your card number. But https is being used more and more today.

Look at the URL of this blog. It starts https. There's a little padlock symbol that tells you the same thing - this is using end-to-end strong encryption. Look at Wikipedia. Look at Facebook. Look at Twitter. Look at Google. All of them are using https.

In order to ban strong end-to-end encryption, you'd have to ban https.

Good luck with that.


  1. is http, not https. Just saying..

  2. You're right. But when I made that comment, I was writing the blog, so it was, and then it was https.