[Cryptography] Sadly predictable: Terrorism used as excuse to attack encryption

Christian Huitema huitema at huitema.net
Tue Nov 17 21:33:42 EST 2015


On Tuesday, November 17, 2015 9:42 AM, Miroslav Kratochvil wrote:
> 
> I agree with you that there should not be restrictions on encryption.
> Still, the problem is elsewhere -- we simply should not encrypt _that_ much.
> (also applies to your car analogy, btw).

Actually, no. We should encrypt everything, for three big reasons: privacy, meta-data, and herd protection. These were debated quite heavily in the IETF, before arriving at the "encrypt everything" consensus.

The privacy argument goes for protecting not just what you send, but also what you read, or who reads what. For example, a young man is not sending any particularly private information when reading a Wikipedia page about atheism from Saudi Arabia, but the knowledge that he did that is going to put him in trouble with the local morality police. We don't know what page is considered sensitive where, so better encrypt everything.

The meta-data argument is best explained with cookies. If you access a web site in plain text, the cookies are also in plain text. Anybody on the path can read them, and use that to attribute traffic to you. Of course, there are many more such examples of meta-data, and the safe solution is to just encrypt the whole traffic.

The herd protection is well known. If the only people using encryption are those who want to hide from the secret police, then of course if you use encryption you will get a visit from these folks. But if everything is encrypted, then you get "herd protection," much like when everybody is vaccinated.

> To explain: Common people with reasonable operating systems/browsers
> are now using bulk encryption on every single HTTP request they make, on
> every single disk block they have, making SPF handshake with each person
> they IM, etc. Observe that only a really tiny amount of the data is actually
> confidential (login tokens, business data, ...). Think about what bulk
> encryption means for the consumption of computing power (RSA ain't free,
> I'd actually expect more than gigawatts). 

We actually thought about that. It turns out that as long as you don't widely inflate the size of the exchanges, you also do not inflate power consumption all that much. The bulk of the bytes on the network are compressed video. Video compression, decompression and imaging are way more energy intensive than AES. Yes, you pay some extra cost for the initial exchange, but when you look at the global effect on the server farm or on the handset, it is actually not that much.

-- Christian Huitema





