Why breaking encryption is a bad idea
During the last few years many governments have tried to ban end-to-end encryption with the excuse of trying to “prevent terrorism”. However, this is not only a stupid measure, but it’s just another attempt to being able to spy all the citizens' private communications.
The Guardian published some hours ago UK may force Facebook services to allow backdoor police access. Let’s discuss how this end-to-end encryption works, why it is a terrible idea to break it and how to communicate privately if this measure fails (first rule is to not rely on Facebook).
Why not to break encryption
Encryption is the best way to communicate without any third-party knowing what you’re talking. If you’re an individual, you might be talking about what you want to buy, search symptoms of some disease you could have or rant about how bad your government is.
This is awful! It means in the best of the cases you’ll only get ads for something you want to buy, in the second case, means private healthcare insurance might give you a higher price “just in case” (this doesn’t happen in Europe, but in the US you still rely on private insurance). And in the last one, the government might be somewhat totalitarian and try to put you in jail for speaking against it (what happens in China or any other dictatorship).
How to communicate privately
The solution is PGP encryption+signing. This technology is based on public keys, where there are two keys: one is public and the other one is private (and must be well protected, usually with a passphrase and special permissions in the OS).
With the private key you sign, so people can read the message with your public key and know it’s you. That signature is undeniable, so you can’t then say “I didn’t send that”, because that would mean someone got access to your private key and the passphrase that protects it (more on this later).
With the public key you encrypt, so only the person with the corresponding private key can read that message. This is probably what you want most, because it’s a warranty nobody in the middle can know the content of the message, even if it’s sent via unsecured channels.
Let’s give an example of two people: A and B; or better known as Alice and Bob. They want to communicate privately, so they generate a key-pair (a private and a public key) each. Then they exchange their keys through a trustable medium, in which they know they have the correct key.
Alice wants to send a message to Bob, so what she would do is encrypt the message with Bob’s public key, so only he can read it. But here comes the first problem: how does Bob know the message comes from Alice and not anyone else who says to be her? The solution is simple: Alice will first sign her message with the private key, and then encrypt that signed output with Bob’s public key. This way, ladies and gentlemen, is how end-to-end communication works.
But we skipped something: how do they exchange keys? The ideal way would probably be meeting physically with a flash drive and exchange the key that way. But that’s not viable many times, because people communicate from big distances. Another way is to publish it somewhere (like a website or a key server) and the other person just download it and import it to their key manager (e.g. GnuPG).
How to apply this in real life
Great, examples are cool and all that, but… How do I do this? Well, the first step is to generate your key pair. For that, I’m going to use GnuPG (GPG), which is usually included in GNU+Linux distributions (e.g. Ubuntu, Debian, Fedora…) and can be downloaded in Windows and macOS from https://gnupg.org/download/.
Generating and distributing a key
The first step is to create your key pair, for what you’ll use
$ gpg --full-gen-key. It will ask you for the kind of key you want, which is
RSA and RSA. For the key size, you can choose whatever you want, 3072 or 4096
are the recommended sizes. Then you just specify some extra data and will ask
you to choose a passphrase. This is important, because you want to protect
the private key from being used by anyone else without you knowing.
Once you have your key, you can sign messages for others and encrypt them for
yourself. But for others to communicate with you, they need your key. So, just
export it with
$ gpg --armor --export firstname.lastname@example.org. The –armor flag forces
an ASCII armor, so you can send it via email or upload it somewhere without any
encoding issues. Another step you might want to take is upload it to key servers
like https://keys.openpgp.org, so anyone can download it from their client.
Now you’re fully set up, you can try and sign a message. First, you write it on
a text editor (like Notepad or Notepad++, not Office). After saving it, you can
sign it using
$ gpg --armor --sign /path/to/message, and after typing in your
passphrase you’ll get another file in that directory, containing the signed
message, named the same but with a .asc extension. That’s your signed message.
Anyone with your public key can verify undeniably that was sent by you.
But what you wanted to do was to send encrypted messages, so you need the other
person’s public key too. So, let’s receive their key from the keyserver (
supposing they used one), what you’ll do is run
$ gpg --keyserver https://your.keyserver.org --recv-keys email@example.com
replacing the –keyserver for the actual server, and the address for the real
one. If the key is not in a server, and it’s on a normal server, you can
download it with your browser and run
$ gpg --import /path/to/downloaded/key,
or use something like cURL from the terminal.
// receive the key and |pipe| it to GnuPG curl -f https://thewebsite.com/key.gpg | gpg --import
Once you have the message and the public key, you can finally proceed to encrypt
the message running
$ gpg --armor --sign --encrypt -r firstname.lastname@example.org message.txt. What you’re saying is basically “Hey gpg, using ASCII-armor, sign
with my key this message, and encrypt it so only the –recipient
email@example.com can read it with their private key”.
Try doing this for your own email, you’ll get a .asc file, which decrypted
$ gpg --decrypt file.asc)will look like the following:
ariel@linux:~ $ gpg --decrypt test.asc gpg: encrypted with 4096-bit RSA key, ID D0708A9C6729EEA1, created 2021-03-14 "Ariel Costas <firstname.lastname@example.org>" Hi there this is a signed message for my blog post Goodbye gpg: Signature made Fri 02 Apr 2021 01:40:37 PM CEST gpg: using RSA key CC460CB965540CEABF6F237C0813EA757FA7AAE6 gpg: Good signature from "Ariel Costas <email@example.com>" [ultimate]
This confirms the following:
- This message was encrypted with the key D0708A9C6729EEA1 for “Ariel Costas firstname.lastname@example.org”.
- The message is contained in the ASC, so you only share that file.
- The message was signed on Friday 2 April 2021 using my public key, which is trusted, valid, not revoked and confirmed to be mine.
It’s quite easy to communicate in an encrypted manner, either for normal usage or for organizing bad stuff. Which means, breaking WhatsApp’s encryption would be useless.
Dear governments who might be reading this, stop trying to use dumb excuses to legalize spying on your citizens, that’s not ok. Everyone deserves to have private conversations without the state controlling them. And for those who support breaking encryption, I invite you to publish ALL YOUR INBOXES and messages exchanged ever.