#057: Crypto Wars
The whole point of encrypting something is so no one but you and the other person can read it. Today, we have such good encryption algorithms that ensuring your data is safe from prying eyes is merely hard to do right, not nigh impossible.
In fact, a lot of modern technology uses encryption without you ever really noticing it. Many messengers offer encryption of various quality, since it’s hard to do right, and few manage to do so completely. Much of the world wide web’s traffic is encrypted using a scheme that even protects against the encryption keys later leaking. Most modern smartphones use encrypted storage by default, protecting all your data with your PIN as the key.
This has posed a new problem for law enforcement. It used to be that they got a warrant, and then were able to search a suspect’s home and office, gaining access to any communication or other data they had stored. But with modern technology, a warrant won’t help them much if they’re missing the key to decrypt the data. If they’re lucky, the suspect used a weak PIN or password that’s easily guessed, but often enough, there’s no way for them to get at the data.
Even intelligence agencies are running into this problem more and more. If everyone has access to good encryption, then even the bad guys will use it, preventing the agencies from accessing and reading their communication.
There have been various attempts at solving this problem. The UK, for example, has a key disclosure law that allows them to sanction a suspect (up to and including jail time) if they refuse to give up their passwords or encryption keys. However, this also only works if there’s a suspect in custody. If you don’t have that, or if the suspect has died, then this kind of law won’t be of much help either.
Another proposed approach is to build a new encryption scheme that includes a “lawful” back door. By designing the back door in such a way that only the manufacturer of the device has the key, everyone can have strong crypto. And if the police can present a lawful warrant, then the manufacturer is still able to decrypt the data, and hand it over to law enforcement. Everybody wins, right?
Except that doesn’t work. First, if a back door exists, then it needs to be very tightly guarded. But no one can implement perfect security, and this back door will be a very alluring target to criminals and foreign intelligence agencies alike. It’s a question of when, not if, someone unauthorized will gain access to the back door, and once that happens, they will be able to decrypt any device they want, and there’s nothing the manufacturer can do about it.
And second, it is now up to the manufacturer, whenever they’re presented with a warrant, to determine if it’s actually lawful. And if they make a mistake, or are tricked, they can hand the key to someone who shouldn’t have it.
In fact, it has been shown that any key escrow scheme is ultimately doomed to fail. So if such a thing is ever implemented, you can be sure that it will be broken. Encryption only works if there is no back door.
Other interesting links from around the web:
- The Carnage and Chaos of Childish Gambino’s “This Is America”
- Name of the Year: Jimbob Ghostkeeper Is Your 2018 Name of the Year
- Augmented Reality: Explore InSight, NASA’s Latest Mission to Mars
- Writer Picks Up Poker For Book Stunt, Wins So Much Money That The Book Is On Hold
- Emojiology: 😍 Smiling Face With Heart-Eyes
📖 Weekly Longread 📚
“She Paid for Everything”: How a Fake Heiress Made My $62,000 Disappear
🦄 Unicorn Chaser 🦄
Winners of the 2018 Underwater Photographer of the Year contest and The Year in Images – Highlights from ESA