The development of technology has meant that sending some file or message is now possible literally in two clicks or two touches of a touch screen. We are able to send a piece of our virtual lives to the other side of the world within seconds. It’s so simple and commonplace that we don’t even think about what happens next with that sent data. Let’s stop for a moment and before we press the “send” button, let’s think if we and the recipients are the only ones who can see the data we sent.
Let’s assume that I want to send an e-mail to one of my friends. A simple action that each of us performs many times every day. I just write a few sentences, give the address, title the message and click “send”. Immediately after clicking this button the message is transformed into a set of packets and sent via an encrypted link to the mail server where I have my mailbox. Immediately afterwards the message is also sent through an encrypted link to the recipient’s server and from there it can be received by the recipient using some mail client. Note that in this whole process we have several encrypted connections, so that our messages can be safely copied between devices. That is, if we copy a message from server to server, or from server to our device, we know that as the packets travel across the Internet our data is secure. But what happens to the message stored on the server? After all, it is also stored there in case we want to download it to another device. And in this case it is stored even on two servers, the one with the sender’s mailbox and the one with the addressee’s mailbox. Is the message encrypted at rest? Well, if we did not take care of it ourselves, the email message on the server is stored as an open text. That is, as soon as the message traverses a section of the Internet and reaches some intermediate point, it is decrypted and stored in that form. A similar process takes place every time the message goes to multiple recipients. Then it is saved as an open text on each of the recipients’ servers. A very similar situation takes place if we write to someone using an instant messenger. Many popular instant messengers provide encryption only during message transmission and not during data storage.
Let’s consider another example. Suppose I have some files in the cloud. Regardless of whether I share them with a friend or keep them just for myself, quite often these files are also stored unencrypted. However, it should be mentioned here that popular cloud storage providers quite often convince us that files are stored with them in encrypted form. However, just as often they forget to add that the key to decrypt these files belongs to them. That is, perhaps if some data is stolen from their servers, none of the hackers will read our files, but the administrators of the service will be able to do it whenever they want. This approach creates very great opportunities for profiling and tracking users. In messages and files we can search for phrases that appropriate algorithms will be able to process. Our photos can be analyzed using artificial intelligence to label them accordingly. A service provider can use the data collected to serve us relevant advertising or simply sell the data to providers of other services. Despite the fact that no human probably watches our data, the company analyzing our data knows quite a bit about us.
As you can see, simply providing your users with an encrypted connection solves only part of the problem. It protects us from prying observers who are trying to view our activities on the Internet, but it does not solve the problem of data storage security. This is because in the scenarios mentioned above all encryption keys are held by the service provider. The way to ensure a much higher level of security is simply to reverse the situation. If we become the owner of our encryption keys and encrypt our data before sending it to the cloud, the provider will not be able to open our files. This way of securing data is called end-to-end encryption. It is more of a method than a technology where the owner of the file or message has the encryption keys and not the service provider.
Keeping the keys on one’s own is obviously connected with the necessity of taking proper care of the security of such keys or at least remembering a strong enough password. Additionally, the person with whom we will be corresponding must know how to use such technology. I assure you that it is not difficult. We do not have to know about cryptography to secure our data and messages. This is quite a simple activity, which takes seconds, but dramatically increases the level of our security.
What to do to make our encryption work really effectively? Let’s touch on two aspects, which are equally important, but they do not always have to occur simultaneously. First of all we need to take care of strong passwords. Nowadays, computers have so much computing power, that under favorable conditions they are able to make trillions of password cracking attempts per second. The password-cracking algorithm will simply try to use every possible combination of characters as a password. It will do this until finally some combination works to decrypt the data. The only valid combination is nothing more than our password. In practice, it can take less than a second to crack a password that is 8 characters long. Unfortunately, there is no unbreakable password, but there are passwords that would take billions or even more years to “guess” using this method. Passwords the longer, the better. For this reason, it is best not to try to come up with a password in the form of a random string of characters, because it will be difficult to remember. The best passwords are both long and easy to remember, so we should start thinking of passwords as whole sentences. For example, the password “e=mc^2toMyFavoriteEinsteinRules” has 37 characters, is a password that is definitely easy to remember, but nowadays practically impossible to break. I personally recommend passwords with a minimum length of 24 characters, which contain lowercase and uppercase letters, numbers and special characters. Strong passwords should be used everywhere without exception, not only in relation to our topic today. The second aspect of end to end encryption is understanding encryption keys. In fact, you only need to know that there will be two keys involved in the process. A public key and a private key. Both of these keys are simply text files containing very long strings of characters. We keep our private key only for ourselves and the public one we can share with our addressees. Preferably during an actual meeting and not via the Internet. Our addressees will also give us their public keys. When our friend wants to send us a message he/she will encrypt it using our public key which we shared with him/her earlier. We will receive such a message and will be able to decrypt it with our private key. Then we will reply to him and encrypt his reply using his public key. This is basically all the theoretical knowledge we need to have before we start encrypting data.
There are already many technologies to send files, messages, emails in end to end encryption standard. To encrypt an e-mail we can use for example OpenPGP technology. This technology is very popular and available for free. You just need to use a free generator to create a key pair, share the public key with your friends and start using your email client to encrypt your messages. However, it is important that if you decide to use this standard you must remember to transmit your key in a secure way. If you send such a key over the Internet and it is intercepted on the way, you may not only lose your security but also have a false sense of it, which is even worse. So remember to transmit keys generated by OpenPGP technology in a secure way. The second quite popular method of e-mail encryption, although not free anymore, is S/MIME technology.
In this case we no longer have to provide the keys ourselves. We pay for an external security authority to confirm the authenticity of our provided key to the person to whom we send it by e-mail. This process takes place automatically. If one of our friends uses an S/MIME certificate and sends us an email, we will see a padlock in our email client, similar to the one in the URL bar of a web browser when connecting via HTTPS. This will be a sign that the message has been signed with an S/MIME certificate and by receiving it we have also received the sender’s public key. An S/MIME certificate can be purchased for less than 50 PLN per year. However if we don’t feel like generating our own keys we can use services of email providers who have OpenPGP implemented as a standard. ProtonMail is one of such services. This Swiss service allows end-to-end encryption inside its servers using this technology. So if one of our contacts uses ProtonMail and sends us a message to our mailbox within this provider, the message will be encrypted. But if we want to send a message outside of ProtonMail’s servers, we have to share our public key in the same way as we would do it using OpenPGP. As you can see each method has its strengths and weaknesses. So the choice should depend on many factors, including what your friends are using.
It is also worth remembering that when choosing a technology, a very important factor is whether the technology is available under an Open Source license. If the application code is available for everyone to see, then of course it is also available for hackers. You can actually identify weaknesses in the application this way, but it’s important to remember that it’s not just people with bad intentions who get to see the code. The more eyes that can verify the code, the higher the chance to find bugs. For this reason, I very often use various open source technologies and recommend them to my clients. Also in the topic of instant messaging. For written communication, as well as audio or video calls with available end-to-end encryption in standard you can use Signal application. The application requires a phone number for activation, but is very user-friendly. Its functionalities are practically the same as those of most popular communicators. You should only remember to verify your contacts by scanning QR codes on your friends’ phones. Only then we can be sure that the keys have not been intercepted. Signal is mainly available for smartphones, but there is also a version for Windows and macOS. To further increase your security and even add the aspect of very strong anonymity, you can use some communicator based on onion routing. Session is one such application. It allows you to send text messages using the Lokinet network, similar to the Tor network described in the previous episode. Harnessing such a powerful tool as onion routing to communicate makes it extremely difficult to both eavesdrop on messages and simply identify who is talking to them. As of today, it is hard to find a more anomalous and secure text messaging exchange. Session has some drawbacks, however, which are very typical of any application that uses onion routing. The transfer of data is very slow and, also for this reason, the application does not currently allow you to make a voice call.
If anyone of you stores files in the cloud, I also encourage you to check out the Cryptomator application. With it you can quite easily encrypt your files in the cloud. If we already have some disk resources purchased from a provider, but we do not want the provider to have access to our files, we can store files encrypted with our key. All we need to do is to indicate to the application which directory on our computer is synchronized with the cloud, where to create an additional virtual disk, and come up with a strong password. From this point on we can use the additional virtual disk as any other, remembering that any file we put there will be encrypted by Cryptomator and in this form sent to the cloud.
The technologies listed in today’s episode by no means exhaust the topic of end-to-end encryption. There are many more possibilities and their choice should depend on your needs. But now let’s ask ourselves “If I even encrypt everything I can, will I become completely anonymous?” The answer to this question is unfortunately not that simple. Using the above technologies and many others, we will certainly dramatically increase the degree of security. Viewing our correspondence will become so difficult that in practice it will become impossible. Similarly, if it comes to stealing our files. If we have encrypted them using a strong password or key, we can pretty much assume that no one will read them in our lifetime, the lifetime of our great-grandchildren and many generations to come. However, even if we encrypt everything, some part of the communication will have to take place on principles allowing to transport the message. Sending even an encrypted message we have to address it to someone. Message address must be available to read, because otherwise it would be impossible to know where to direct this message. And when we encrypt an email, by any technology, the title of the message, the addressee and the sender are known to the service administrators. When we write a message on a messenger, and it’s not a messenger that uses onion routing, some sort of addressee identifier must be available to ensure proper transport of the message. If we can call the content of our message “data”, then the addressee, the sender or the sending time can be called “metadata”. Metadata is basically data that describes other data. They are usually much smaller than data, but they store critical information necessary to complete a service such as email delivery. Nowadays, encryption has become so popular and powerful at the same time that attempts to break the encryption have become unprofitable. Of course such attempts are still made, but gathering a big enough base of “metadata” gives as much information about us as the content of our messages. How often we talk to someone, how long, how many times a day, or at what times of the day says a lot about the type of relationship. The places we visit depending on the day and time are a unique identifier of our person. As far back as 2004, NSA Chief Counsel Stewart Baker said that metadata says absolutely everything about us. If we have enough metadata about someone, we don’t really need the data, or in this case, the content of our messages. Onion routing, thanks to its decentralized architecture, allows data to be sent with a minimal amount of metadata, which is additionally scattered and difficult to collect and associate. However, email, text messages, phone calls, and more remain viewable by administrators and government departments. End-to-end encryption technologies are undoubtedly a great step in the right direction, but they don’t always ensure complete anonymity, as hiding metadata in many issues is still the song of the future. And before that happens, let’s remember how much our metadata says about us. Gen. Michael Hayden, former director of the NSA and CIA said back in 2004 ‘we kill people based on metadata’. As you can see, metadata says so much about us that some government organizations will not hesitate to make a final decision about someone’s life based only on metadata.