Encryption and Privacy
Here’s looking at you (and your information) kid
What is Encryption?
Simply put, encryption is the process of encoding messages and/or information, don’t be scared by the terminology, it’s actually a fairly simple concept to grasp. If you’ve ever done a puzzle or tried to decipher a code then you can easily understand how encryption works.
The cipher is the encryption key, the encryption key is what is required to allow the person receiving the message to decipher the message.
When you send your information or messages to other people online it is shown as a series of letters, numbers and characters, gibberish to most people, so, in order to decode this gibberish, you need the encryption key.
There are two main types of encryption: Symmetric Key Encryption and Public Key Encryption (also known as Asymmetric).
The Symmetric Key Encryption uses the same key for encrypting and decrypting. It is known as the ‘secret’ key because only the sender and receiver know what this key is, this is the protect the confidentiality of both parties.
The Public key Encryption uses different keys for encrypting and decrypting, one is private and one is public. The public one can be accessed by anyone, hence the name ‘public key’, however, this public key can only be deciphered with the corresponding private key. There are also different levels of encryption some of the highest are 128-bit and 256-bit. The higher the number the longer the encryption key will be, which in theory, makes the security higher.
But why do we need encryption?
In short, we need encryption to protect ourselves and our sensitive information from being stolen or seen by the wrong people. If you go onto a secure website, say your banking website, you should see a green lock at the front of the web address this means it is secured by HTTPS, which offers you encrypted browsing and guaranteed safety when entering sensitive information.
Do you want people looking at your messages or stealing your card details? No? So, in that case, you need this type of security in order to protect you and your details.
Most popular apps make use of encryption to retain user safety, whether that’s for storing data, or for data in transit.
Unfortunately, like everything, nothing is unhackable, but the bit size will affect the amount of time it takes the hacker to figure out the algorithm. Hackers use a method called ‘Brute force’ in which they will just randomly guess the key until they obtain the right combination, depending on the length this could take hundreds of years to break. Alternative methods of breaking a cipher include side-channel attacks and cryptanalysis.
The real challenge lies in keeping encryption as tight as possible, therefore you must check it is properly implemented and kept secure over time, most errors, unfortunately, are down to humans.
Why do we need privacy?
If we freely give out our information should we be angry when people take advantage of us? Is it us that needs more restraint when it comes to how we use our data?
Julie Cohen makes an excellent point about ‘the self’ in her paper on Privacy and Visibility:
“You might think it is a good idea to willfully hand over your data in exchange for personalised coupons or promotions or to broadcast your location to friends. But consumption -- perusing a store and buying stuff -- and quiet, alone time are both important parts of how we define ourselves. If how we do that becomes subject to ever-present monitoring it can, if even unconsciously, change our behaviours and self-perception.” -Julie Cohen, Privacy, Visibility, transparency and exposure
We are different people when under surveillance than we are alone. Cohen's argument illuminates how the breathing room provided by privacy is essential to being a complete, fulfilled person.
Cohen states: “A commercial culture that sees privacy as threatening its own valued practices of knowledge production will register privacy regulation as a threat.”
In hindsight, privacy is subjective and each individual will rate their level differently. For some people, giving out their name will be an invasion of privacy whereas others are happy to hand over their email address, phone number and even card details. As individuals we each have a different moral compass that guides us, influenced by both social and environmental aspects.
Which way does your compass point? Are you careful about the information you post online or do you want up to date features catered to your needs?
Security is needed, but at what cost?