Encryption backdoors and how they affect you
Encryption is the process of encoding and decoding messages so that only authorised people can view the contents of the message. Computers today have allowed the use of much more complex encryption systems because we can rely on the technology to do the extremely tough number-crunching required to decode encrypted messages.
A ‘backdoor’ in computing is a way of bypassing the normal method of authentication. Backdoors are often hidden in part of the design of the program or algorithm. A backdoor would allow an intruder to access the encrypted information without having the correct credentials. It would either allow the intruder to guess the access key based on the context of the message or allow the intruder to present a skeleton key that will always grant him access.
Encryption backdoors were initially developed to assist law officials on a daily basis with catching criminals. However, they just make illegal tasks easier for malicious attackers to execute. There are some reasonable compromises that can keep all our data safe and still help catch the bad guys. A backdoor for the good guys, however, is inevitably a potential backdoor for the bad guys too.
Internet of Things (IOT) devices are everywhere now and the general public uses them for numerous tasks in homes and at work and they are creating a new level of paranoia. One needs to remember that any device with a connection to the internet could have a backdoor. If someone gets the keys or figures out how the garage door works, they could get inside your door locks, baby monitors, surveillance cameras and more.
The solution to the problem at hand is to make any encryption without a backdoor against the law. However, encryption is generally just multiplying two prime numbers. It would be hard to make mathematics against the law.
Ultimately, your online activity is based on your own choices. Criminals can choose not to use services with backdoors. There are more solutions tech companies could come up with to assist law enforcement. The main concern should be to limit ways for criminals to do malicious attacks, rather than limiting the activity of the everyday online user.
