The problems with the government’s war on encryption

During this year’s World Economic Forum at Davos, Prime Minister Theresa May, during her address, once again attacked the idea of end-to-end encryption in messaging services like Whatsapp, Facebook, and iMessage.

Criticising Theresa May and her government at this point is like kicking a dead horse whilst it’s down. She faces significant opposition in the realms of Brexit, her administration’s austerity measures, and even her ability to control her own back-benches and Cabinet.

But perhaps one of the Conservative Party’s most ill thought policies faces little opposition: the continued efforts to undermine and ban end-to-end encryption.

Labour and the SNP have been passive in opposing bills such as the Snooper’s Charter with only a rump Liberal Democratic Party standing in opposition.

But it must be made clear– banning end-to-end encryption will not curb terrorism, it will only serve to curb our own civil liberties.

Firstly, we must understand what end-to-end encryption actually is and why the government wants to ban it. End-to-end encryption is the encryption of information, like Whatsapp messages, and designed in such a way that only two users can decrypt it: the sender of the message and the receiver of the message.

This means that the service providers, like Facebook and Apple, cannot read the messages themselves. This has lead to high profile politicians, including Home-Secretary Amber Rudd claiming that service providers, specifically Whatsapp, are giving terrorists “a place to hide”.

It is true that terrorists have been to known to use encrypted messaging services. Adrian Ajao, the terrorist behind last March’s Westminster bridge attack, sent messages on Whatsapp only minutes before perpetrating his atrocities.

So surely banning encryption would be the sensible option? Unfortunately, it is not as simple as that.

The government could pass a bill tomorrow giving them access to all previously encrypted messages, however this would do very little to stop terrorists communicating.

Government Communications Headquarters (GCHQ) could force service providers to install backdoors into their encryption systems, allowing the government to read all messages as they please assuming service providers would comply with this.

But, those who are dead set on hiding their messages behind encryption would have very little trouble with setting up their own encrypted messaging systems and bypassing this. It is not very difficult to set up an encrypted messaging service.

In fact, the so-called ‘Islamic State’ have their own messaging app called Alrawi. For example one of the world’s most prevalent crypto-systems, RSA, is based on mathematics that dates back to Euler and Fermat.

But currently, even the world’s most advanced quantum computers cannot break a system that relies on centuries-old maths via brute force.

So anyone can set up a crypto-system that would be very difficult to crack, even by GCHQ, but the government can still see who is receiving and sending encrypted data, right? Well not if one were to use a VPN located outside of the UK.

By doing so, it becomes very difficult to even track that encrypted data is being sent or received. Currently, the UK government can at least monitor metadata from service providers, which allows them to see things such as when a message was sent even if they can’t view the actual message.

So by ending encryption on popular messaging services and driving suspected terrorists to use underground means, the government loses access to even this metadata.

Practically, the government’s attack on end-to-end encryption reeks of cyber-illiteracy.

But even if all of this won’t stop terrorists from communicating in its entirety, it would make it somewhat more difficult, and that’s worth pursuing, right?

Even if there is evidence to suggest banning end-to-end encryption would make communications between terrorists marginally more difficult, would it be worth the erosion of our civil liberties and privacy?

We are increasingly using encryption to keep not only our messages private, but our personal details, and even our financial details.

If the government were to force backdoors on all end-to-end encryption, there is a significant risk of hackers discovering these backdoors, putting us all at risk to a large scale cyber-attack, such as the one suffered by the NHS last May.

Many of us don’t view cyberspace with the same significance as we view our real life interactions, but would you be okay with the government mandating that all letters delivered by the Royal Mail be done so in transparent envelopes?

Or that every conversation you have throughout the day must be reported to a civil servant? This is exactly the same as allowing backdoors on end-to-end encryption.

The chances a GCHQ worker would be sifting through your iMessage group chats are just as slim as the postman having a cheeky look into the hypothetical see-through envelope, but you still wouldn’t be okay with it because the possibility is there.

If we begin to view our interactions in cyberspace like we do with our interactions in real life, then we start to view the government’s actions as increasingly draconian.

Hopefully, now it is clear that the government’s policies towards encryption will not stop terrorists from communicating, all it will do is put your privacy at risk.

But if that hasn’t convinced you, think of this: would you really want all of your online conversations to become a group chat with Theresa May and Amber Rudd?