We Asked Experts What Would Happen If Everything Were Encrypted

As America's mounting anxieties over terrorism run up against its engrained mistrust of authority, the result has been a surprisingly robust debate about encryption and digital rights.

Various law enforcement agencies have decried how strong encryption makes the Web "go dark," i.e. it stymies their ability to peruse the Matrix unfettered in search of bad guys and their nefarious intentions. (In this case, "going dark" may overlap with—but should not be considered synonymous with—"The Dark Web," which  refers to the occasionally seedy underbelly that lives within the Tor network).

At the same time that authorities are seeking to enhance their digital surveillance powers, privacy advocates are pushing for more default encryption in order to protect the civil liberties of users who are often more than willing to exchange privacy for convenience.

To those ends, lawmakers at all levels have proposed bills that will limit (or, in some cases, outright ban) the public's access to things like encrypted iPhones, while others have proposed legislation that would boost it. (And we should note that the political tussle over encryption has been refreshingly unbounded by today's entrenched partisan divides. There are Republicans and Democrats on both sides of the issue—it probably won't last, but this non-tribal policy debate is a nice change of pace.)

In many ways, the encryption debate is very particular to this exact moment in technological history. If things were to truly "go dark" on a vast scale, it would essentially take the authorities back to a pre-Internet time when it was harder to snoop remotely. Meanwhile, the protection offered by encrypted phones is quickly becoming technologically quaint as intelligence agencies shift their attention from tapping smartphones to tapping smart homes.  Yes, your smart TV might be snitching on you (which is far from paranoid fantasy).

We spoke with several digital privacy experts for a thought experiment about what the Internet would like would look like if strong, ubiquitous encryption was the rule rather than the exception (and if that would even be possible).

If all devices and communications were encrypted by default, would users recognize a difference in the end experience?

Amie Stepanovich, U.S. Policy Manager, Access Now:  There are different types of encryption. There's transit encryption and encryption in storage. When you talk about transit encryption, that's what you get when you see HTTPS: at the beginning of a URL. A lot of companies have been slow to transition to that because there was an argument that it was slower or that it broke things. At least the argument about it being slower has fallen by the wayside.

In 2011, there was a big hacking of Gmail by China. At the time, Gmail wasn't using transit encryption. They said it was because it would make things slower. And then after the China hack, they were like 'Oh, maybe we should put that into place.' And it really hasn't impacted the user experience at all. People essentially had no idea that the change had occurred except that they were a lot more secure on the other end.

When it comes to more robust forms of encryption, there are some more cost benefits to consider. For example, end-to-end encryption isn't always searchable, and it isn't available on devices where you don't have a key installed. So you can't, for example, check email across devices. It depends on the implementation and what level of security you're looking for. Most of the time you're not even going to recognize them.  

Does encryption guarantee that all your data remains private?

AS: [An encrypted device] is not necessarily the end of the story...if you store something in Apple's cloud, [for example,] Apple will have access to it. Even if everyone had a default encrypted iPhone, it doesn't protect your data once you sync your information to the cloud.

Rule of thumb is if you have information on a device and you drop that device in a puddle and it dies, but you can still gain access to your data, your data is not completely secure.

A lot of people turn sync on because of convenience because they want to be able to get access to their data across devices. The idea that we're heading towards ubiquitous encryption and everyone is going to go dark is quite disingenuous because people have a reason not to use the strongest security—users might want Apple to store their information on their cloud because they want to back it up and have access to it from many places, but they should just know that Apple will then have access to that information.

[Note: While many users know data is encrypted in Apple's iCloud, Apple does have the ability to decrypt that information and share with authorities if it is legally compelled to do so.]

Does encryption negate the intelligence-collecting capabilities that Edward Snowden revealed such as PRISM, which allows the NSA to search anyone's email by just looking up their name?

Peter Eckersley, chief computer scientist, Electronic Frontier Foundation: Unfortunately we aren't close to having any sort of encryption that would protect the contents of your email against a PRISM-like attack. We need to build these things, but the strong encryption that is being debated right now doesn't do that. We are maybe getting there with text messages, but don't have a way to do end-to-end email encryption yet. Not a practical one.

Services like Silent Circle or Whisper offer end-to-end encryption, but are not yet a practical replacement for email. There's a technology called PGP which has been around for a while, but it's not yet practical for email for most people.

There are some big technical differences between email and text messaging which make email a lot harder: People expect to have all their old emails; they expect to be able to search all their old emails really fast from a phone even if they have 10GB worth of messages which they couldn't store locally on their device. Today's email platforms have very sophisticated spam filtering and prioritization features that have been built into these email platforms. To replicate all that functionality in an end-to-end encrypted system is an unsolved problem. 

In the age of supercomputers is there even such a thing as unbreakable encryption?

AS: There are brute force attacks that would take years—up to hundreds of millions of years—to access encrypted information. That's the hardest way to gain access. In many cases it's going to be impossible. That's why when people want to gain access to information—be they hackers or governments—they go about it in a different way.

They might encourage the use of a vulnerability they can break. Or they might install a piece of malware that allows them access to your device—whether or not you're using default encryption doesn't matter, because they're on your device and they can see the unencrypted information.  

That's what happened in Kazakhstan. The government there required citizens to install a government-mandated vulnerability on their devices. So it wouldn't matter how much encryption you're using or how you're using it—they've owned the devices. All the computers and phones have this program on it which presumably allows encrypted information to be decrypted. 

Are vulnerabilities and backdoors always created with the knowledge of manufacturers?

AS: They can be inserted with or without the manufacturer's knowledge…In one example, we know that the NSA and GCHQ got access to SIM card keys. In that case we have no reason to believe that the manufacturer knew that the SIM card keys had been compromised, but they were compromised all the same. So, there's lots of different ways.

Creating a backdoor is actually a lot harder with open-source software, which is why a lot of technologists advocate for it. 

Recommended by Our Editors

7 Chilling Ways the NSA Can Spy On You

Could a government even completely ban encryption if it really wanted to? It seems like someone could just engineer around it.

PE: If the FBI wants to create new backdoors into systems, it's not going to affect programmers creating their own software. The authorities, however, might be able to restrict the types of services that large corporations can provide to the American public.

You could install strong crypto software yourself, but the government might be able to restrict Apple or Google's ability to give you that in a convenient product that keeps you or your corporation secure. 

Would default encryption really stymie governments' abilities to control things?

PE: Strong encryption by default would be a great win. One example of things that happen when you have, say, a strong encrypted version of Wikipedia is that governments can't censor particular Wikipedia articles. We've seen a lot of governments around the world that want to allow Wikipedia, but want to block particular articles they really don't like. Having strong encryption means that a connection to Wikipedia can't be distinguished easily from any other connection, so the government has to let people read freely. 

We've been fighting to increase the use of transit encryption for decades. And we made a huge amount of progress. But we know that unfortunately once you have this encryption in place there are still a lot of things that can go wrong if you're being attacked by a hacker or an intelligence agency. Those include malware that gets on to your computer or data breaches at the server side of things. So you have a secure encrypted connection to a website, but then the database that the website has gets hacked separately then all the data you put in there is vulnerable.

There's a technique called "traffic analysis" where instead of reading the content of the communications your computer is sending, people surveil the pattern inside of those communications. And unfortunately there's a huge amount that can be learned from that type of data analysis and metadata. So we are only at the beginning of a long struggle to protect Internet users and the Internet against these problems. You can be assured that until we succeed, bad guys, be they hackers or governments, are going to use those techniques against us.

What exactly is the problem with governments having the ability to go through a backdoor to peruse encrypted information on a device given they go through the proper legal challenges?

AS: When people say backdoors and vulnerabilities, it's shorthand for several different approaches the government might take and have taken in order to maintain their access to data.

One method is when the government allows a company to implement some type of encryption, but insists that it has some sort of vulnerability or defect that still allows them to get in.

The problem is that you can't have a defect that can't be exploited by everybody. Once there's a hole there, anyone can poke around and look for that hole...these things are eventually figured out. Maybe not right away, but they will be eventually. They're gonna get broken into, and they're gonna get broken into by the bad guys.

Interviews were conducted separately over the phone and Skype and answers were edited for brevity and clarity.