Posted: November 14, 2016 (12:20 PM) by CalvinDude
This weekend, I worked on a little project. It's designed to help people communicate via e-mail without eavesdroppers gaining information. Why is this useful? Well, I've had my boss text message me a link to a fridge from a local store, and the next time I logged onto Facebook all the ads were for that exact model of fridge. The same thing happens with e-mail. Your providers are reading all of them (actually, they're using a computer algorithm to pick out certain words, but the principal is the same).
So supposing you wanted to avoid that, a great way to do so would be through encryption. But there are several different types of encryption available. What is the best?
That depends largely on what you want to do and how you want to communicate. The absolute best method of encryption involves the use of a one-time pad. As the name suggests, it's something that's used only one time. The problem is that both the sender and receiver have to have access to the same one-time pad. This means that you have to get that pad to the recipient without it being compromised (i.e., you can't exactly just e-mail the pad or the e-mail client will be able to use it, should the programmers so desire to extract that information).
One of the best methods remaining actually involves giving out information far and wide in the form of a public key. Mathematically, you can create a key pair such that you can use one part of the pair (the public key) to encrypt data that only the other part of the key pair (the private key) can decrypt. Thus, you can send the public key to everyone and anyone can use it to encrypt a message to you that only you can decipher, because you are the only person with the private key.
But how does such a concept work? It works because in math you can have some operations that are really easy to do in one direction and extremely difficult to do in the other direction. For most people, that can easily be demonstrated just by pointing out that it's usually far easier to multiply two numbers than it is to divide two numbers. For example, it's very easy to multiply, say, 57 x 49. It might take you some time and paper, but nearly everyone who reads this blog will be able to do it pretty quickly by hand and show that 57 x 49 = 2793.
But consider this instead. What is 2664 divided by 37? That one is a lot trickier to solve by hand! (The answer, which you can check with a calculator, is 72 in case you were wondering.)
Now, both multiplication and division are pretty easy for us to do these days because we have calculators. But there are mathematical functions that are easy to do in one way and nearly impossible to do in reverse, even using calculators and computers. This includes factorization techniques (involving multiplying two extremely large prime numbers together), the use of elliptic curves, or using discrete logarithms.
Ultimately, it doesn't matter which method is used as long as it is difficult for someone to be able to figure out the private key even when they know what the public key is. And because that difficulty exists, the public key can be shared and you can still be confident your messages are secure (you can never be 100% positive, of course, but that's true of even making it safely across the street when you're crossing).
So if you want to share messages using this system, the person who wants to send you the file needs your public key. They then use that to encrypt the file and send it to you. It's important to note that at this point, even the original person can no longer decrypt the file (of course, they can read the original unencrypted file just fine) because it can only be decrypted using the private key. The file is then sent to you and you use your private key to decrypt it.
Now, if you want to respond to them in an encrypted manner, you need their public key. You encrypt the message and send it to them and only they can decrypt it. Ultimately, what this means is that if you want to exchange encrypted messages, the sender needs to know the recipient's public key. The encryption is then tailored specifically for that person's private key such that no one else will be able to read it.
How secure can we be in this method of communication? As secure as we can be about any other method. After all, if you're wanting to have secure channels of communication for other reasons than just to block advertisers, you should bear in mind that the gummit (or whoever) is far more likely to just bug your house conventionally and spy on you with other means, including implanting malware on your devices, than it would be to try to decrypt your messages. In fact, as far as I can tell, the only reason a police force would even try to decrypt your messages is after the fact--as in, they weren't suspecting you before but now you got arrested and they want to know what your encrypted e-mails are. But at that point, they'll probably already have access to your private key since they'll have your actual computer too.
So, for all intents and purposes, if you're just working at securing your online presence and want to make it difficult for corporations to eavesdrop, then encryption is great technique to do so. If you're paranoid and seeking to hide all your traces, you will have thousands of more holes to patch before you'll need to worry about the strength of your ciphers.
There are no comments on this post.