Lately, there’s been a lot of debate regarding online security.

On one hand, tech companies like Apple and Google have been using encryption to protect their users and their users’ data. Encryption helps keep users safe from cyberattacks by ensuring that a user is the only one who can read their own data — even the tech companies themselves can’t read the data.

On the other hand, governments want to be able to read online messages, communications, and other data in the interest of national security. This data can be useful for law enforcement or for potentially preventing terrorism attacks. But our governments can’t actually read that data due to encryption.

In response, governments and politicians have called for changes to allow governments to be able to access encrypted information. But tech companies and security experts have pushed back against many of the ideas that have been proposed, deeming them unfeasible.

This debate has led to several legal, ethical, and policy questions. Although important, the purpose of this article is not to tackle those questions.

Instead, this article aims to give a better understanding of why the tech and security communities are so concerned about the recent government security proposals. In particular, encryption and cybersecurity are generally poorly understood outside of these communities. Without specialized knowledge in math and/or computer science, our understanding of encryption is just that it is “a tool that keeps our online lives safe.”

Our look at encryption will be largely non-technical, even though encryption is a very technical subject. We’ll first get a better idea of what encryption is and how it works. Then, through an analogy, we’ll take a look at how a small change to security can have a significant impact.

What Is Encryption?

First off, what is encryption and why do we need it? In a nutshell, we want to be able to communicate with someone online without anyone else being able to listen in to our conversation.

If you ever invented a secret language with a friend, you were already using encryption. When you spoke in your secret language, your friend could decode and understand exactly what you were saying. However, anyone else listening in to your conversation would only hear a bunch of gibberish.

Our computers, phones, and tablets essentially “talk” to other computers, phones, and tablets. One of these machines “talks” whenever it passes data to another machine — which happens whenever you visit a web page, check your email, or send a Snapchat. And whenever your machine sends or receives data, other machines have a chance to listen in on what you’re saying.

Naturally we don’t want other third-parties to know what we’re saying, since the data we send could include things like passwords, credit card numbers, or an embarrassing photo. That’s where encryption comes in. Our machines scramble, or encrypt, their data by generating and using their own secret languages.

How Does Encryption Work?

How do we generate a secret language, and how can we make sure that the language is secure? What does “secure” even mean when it comes to modern security?

Usually, a system is considered to be secure if it “would take an infeasibly long time to break using existing knowledge or technology.” Modern encryption is designed to be very hard to break. This is because modern encryption is built on top of certain classes of math problems that are very time consuming to solve. With today’s technology, it could take hundreds of years to longer than the expected lifetime of the universe in order to break some encryption methods.

So how do we generate a secure secret language, or cryptosystem? Without going into the technical details, the general approach is to first pick one of these types of math problems and then decide what we want the solution to that problem to be. We then work backwards to construct the actual problem.

Our solution is more commonly referred to as a cryptographic key. This key describes how to scramble or unscramble the message that we want to send. Anyone without the key will essentially have to try to figure out the key through trial and error, which is why modern encryption is so time consuming to break.

To get a better sense of these keys, we’ll look at an analogy. Consider a jigsaw puzzle. This jigsaw puzzle is a 1000 piece puzzle, and it’s entirely white. Solving this puzzle will take a lot of guesswork, effort, and time. However, if the back of each puzzle piece told you which row and column the piece should be placed, solving the puzzle would be easy.

Here, trying to solve the puzzle is similar to trying to unscramble an encrypted message without a key. It’s not quite the same, but the overall idea is that it takes a long time. The numbered puzzle pieces represent a key — they tell you how to solve the puzzle, just as a key tells you how to unscramble a message.

Weakened Encryption

So far, we’ve taken a look at what encryption is as well as an overview of how it works. What are some of the proposed security changes and why do the tech and security communities view them as risky or infeasible?

Essentially, the tech and security communities are concerned that the proposed changes aren’t well thought out and can have many unforeseen consequences. Even though a change might seem simple, the devil is in the details. Any change to modern security systems will add another layer of complexity, increasing the number of possible vulnerabilities in that system. Former NSA director of research Frederick R. Chang has said the following:

One such proposal is to add encryption backdoors for law enforcement agencies. This would likely involve creating a special cryptographic key that the government could use to unscramble encrypted messages.

The idea sounds simple, but implementing this idea would raise a number of concerns. There would have to be several such keys (or copies of keys) that the government would have to keep secure. Anyone with one of these keys is able to read any data that has ever been encrypted with that key.

This is all a bit abstract, so let’s take a look at an interesting real world security system: the pin tumbler lock.

Pin Tumbler Locks

You’re probably already familiar with this kind of lock, as it’s the type of physical lock most commonly used around the world. It’s the same kind of lock that is probably used throughout your house or apartment. This is what a typical pin tumbler lock looks like.

The lock itself consists of two main parts. The inside circle (or rather, cylinder) has the keyhole and is called a plug. The plug rests inside the remaining outer portion of the lock, called the shell. When the right key is inserted into the lock, the plug is able to rotate and we can open our door.

The mechanism that allows or restricts the plug from rotating is shown in this cross section. Here we see five pin stacks. Each pin stack consists of a spring and multiple cylindrical pins of varying discrete heights (in this case, there are two pins per stack). When a key is inserted, the grooves and ridges on the key push each pin up to a certain height.

A wrong key and the correct key.

If the wrong key is inserted into the lock, the cuts in each pin stack fail to line up with the plug along the shear line. The plug is then unable to turn because one or more pins are blocking it. When the correct key is inserted, the cuts all align and our lock will open.

Typical pin tumbler locks will have four to seven pin stacks, each with four to ten possible heights. For this article, we’ll use locks with five pins, each with ten possible heights. So, our locks will have 10⁵ = 100,000 possible keys.

An attacker could “solve” a pin tumbler lock by making and testing different key configurations, hoping to find the key that works. Assuming that it takes one minute to make and test a key, it would take 70 days for an attacker to try every possible key configuration. On average, it would take 35 days to find the right key.

If we exclude lock-picking, our pin tumbler lock system is secure — it takes too long to find the right key. Presumably, you’d notice and be alarmed if someone sat outside of your door for an entire day, not to mention an entire month, making and testing different keys.

Of course, there are some major differences between pin tumbler lock systems and encryption systems. Locks take significantly less time to break into, but that’s offset since they’re a physical system and require an attacker to be in the same place as the lock. Encryption attacks can be done from anywhere in the world, but in principle won’t ever be broken.

Locks can also be picked, but this is again offset since they’re a physical system. Unless there’s a reason an attacker would single you out, it’s unlikely that someone would try to pick your particular lock. The equivalent of lock-picking for encryption would be to come up with an attack on an encryption system that is consistently better than brute force. This is unlikely, but if it occurs we can switch to using a different, unsolved encryption method.

Master Keys: A Well-Intentioned Change

To see the potential unintended effects of changing a security system, imagine this scenario. Suppose you live in an apartment. Your door uses the standard pin tumbler lock, and there’s only one key that will open the lock. Today, your landlord decides to change that — she changes all of the locks in the building so that they can also be opened by a master key. How secure are you?

At the same rate of one key per minute, it would take an attacker 21 days on average to figure out your key or the master key. Our system is less secure with a master key, but not by too much. We would still catch someone trying to break in.

That doesn’t sound too bad, if it were actually the case. To understand how compromised our system is, let’s take at how we need to modify our pin tumbler locks in order to support a master key.

The master key.

Our original system had only one cut per pin stack. To allow a master key to also open the lock, we need to make a second cut per pin stack. These second cuts corresponds to the height of the grooves and ridges on the master key.

So, our original room key will still open the lock since it aligns with the first cut in each pin stack. The master key opens the lock since it aligns with the second cut in each pin stack. However, there’s an unintended side effect — any key that aligns with a combination of cuts from the room key and the master key will also open our lock.

Some unintended working keys.

As it turns out, there are actually 2⁵=32 such keys. An attacker using brute force would take at most a bit over two days in order to break our lock.

However, the consequences are actually worse than this. It turns out that anyone can create a master key — even if they don’t know what it looks like — if they have a room key to any apartment in your building!

In the brute force attacks we’ve looked at up to now, an attacker has to guess the correct heights for each of the five pins in order to make a working key. Having a room key gives us some extra information that we can use to determine the master key. As we’ll see, instead of guessing the heights of all five pins at once, we can guess the height of a single pin at a time.

Here’s how we could create the master key with our room key. The overall approach is to figure out the cut heights for the master key, one pin at a time. This is done by creating several copies of our room key that are almost identical — they just vary in the height of the pin that we’re trying to guess.

To find the height of the first pin, we’ll need ten copies of our room key. (We need ten because there are ten possible cut heights in our lock.) Each of these variations has a different height for that first pin. The remaining four pin heights are held identical to our room key.

Our 10 key variants.

Out of these ten variations, exactly two keys will open our lock. One of these two keys will be identical to our room key. The other working key will have a first pin height that is the same as the master key’s first pin.

We can then repeat this process for each of the remaining four pins. Each iteration will give us another height of one of the master key pins. At the end of the process, we’ll know the heights of all five master key pins. All that remains is to create one final key with these five heights — that key will be our master key!

This attack is a much more significant threat than our earlier brute force attack. First, it’s faster. There are at most 5 x 10 = 50 keys to test, so it would take an attacker 50 minutes, at worst, to create a master key.

Second, this attack partially circumvents a difficulty of attacking a physical system — the need to be physically present. The 50 minutes spent creating a master key isn’t done in front of your door. It’s done in front of someone else’s door, meaning a malicious neighbor could do most of the work from the comfort of their own apartment. The attacker only needs to go to your door after they’ve created the master key and when they are ready to enter your apartment.

Finally, the severity of this attack is much greater. The brute force attacks would only create a key capable of opening your door (with a small chance of creating a master key). But this attack will always allow an attacker to consistently create a master key, therefore allowing them access into every single apartment in your building.

The conclusion is that you’re not very secure at all. You’re safer than if you had no lock and you’re probably safe from the general public. But that doesn’t matter if you’re up against a dedicated attacker.

There is a question as to how hard it is to acquire a key in order to execute this attack. It’s not completely trivial, but it’s not particularly hard either. An attacker could rent a room in your building, steal a key from a tenant, or find a lost one. They might befriend someone in your apartment and borrow a key. They might even be able to get one from your doorman, under the pretense that they locked themself out of their room.

It’s quite amazing that all of this is the result of making the seemingly innocuous change of adding a master key. And in case you’re wondering, this is very much a real attack. With a bit of research and materials, you could even do it yourself!

Encryption Parallels

The most important takeaway from this analogy is that security in complex systems can be hard to get right. Even if a system appears simple, like our locks, the inner workings can have a significant effect on how well the system actually works. Furthermore, the exploits that can be done based on these inner workings can be quite unexpected and dangerous, such as the ability to create a master key from a room key in our analogy.

One proposal raised by government officials and politicians is for encrypted messages to have two keys — the normal key and a special government key. This second key would allow governments and law enforcement to unscramble a type of encryption known as end-to-end encryption. However, doing this would likely require sacrificing some of the securities that end-to-end encryption guarantees.

One such guarantee is that an attacker with a compromised key can only read messages that were encrypted after that key was made. If an attacker gained access to the special key, they would be able to read many more messages — including those encrypted before the original key was even made. This is similar to how a room key will only open your apartment, but a master key will open every apartment in the building.

Another guarantee is that it’s impossible to forge a fake message. This isn’t the case with the special key. An attacker (or a government employee) with this special key could impersonate the original sender and no one would be able to tell the difference. This allows for undetected crimes — someone could empty your bank account and it would look like you were the one who requested it!

Complex systems also have procedural concerns in addition to technical concerns. In our analogy, one such procedural concern was that an attacker could just tell your doorman that they were you (or anyone in your building) and locked themselves out of their room. Procedural concerns should be taken just as seriously as technical ones—poor operating procedures helped break the Axis Enigma cipher in World War II.

There are naturally procedural concerns with the use of a special government key as well. Who would control the key? How many such keys would there be? How would usage of these keys be coordinated? Who would be in charge of a key for messages sent between the U.S. and other countries?

Final Thoughts

Encryption systems are valuable tools that we use to keep our data and our online identities secure. They’re designed to be theoretically perfect, allowing them to keep us safe from anyone, without compromise. However, these systems are also very complex. Efforts to change or modify them could have significant consequences, resulting in a weakened or compromised system that fails to keep people safe.

Of course, encryption systems aren’t perfect in practice. In fact, there are attacks that exploit implementation details in some encryption systems. One attack works by listening to the noises your computer makes as it decrypts a message. Another attack theoretically allows the NSA to decrypt some messages by exploiting commonly used encryption keys.

Fortunately, these attacks were found by researchers, not malicious attackers. Their findings allow us to improve our encryption implementations and reduce possible vulnerabilities.

When it comes to security, it’s rather optimistic to assume that there will never be a security breach. A good security system is not only hard to breach, but also limits the potential damage that can be done when it is breached. Weakening encryption does the opposite of both of these goals; it makes systems more vulnerable and/or makes security breaches more severe.

Tech companies and our governments are both interested in keeping us secure. Hopefully, they’ll be able to work together to thoroughly understand the concerns of both sides and come up with possible policies and systems that will still keep us safe. But as things currently stand, government proposals are very concerning. In the words of President and CEO Dean Garfield: