Archived content:

This page is in the archive.

Go back to the homepage.

Design and cryptography



In December 2012, journalist Glen Greenwald got an email asking for his encryption key. At the time he barely knew what encryption was and had no such key. And the anonymous source who asked him for his EGP encryption key turned out to be Snowden, but he was unable to communicate freely with Glen Greenwald without having means of encryption.

Encryption lets us protect our universal human rights with the laws of nature rather than the laws of nations. It's what makes the difference between Google telling you: trust us; we will not read your email and sorry, we can't read your email, and we're even unable to hand it over to intelligence agencies, for instance. But you can use encryption to protect yourself; sure, but it doesn't make any sense if your contacts are not using it, because if they're deciding to use Google and they're fine with that and they say, I have nothing to hide and I don't mind Google mining on my personal data, you have to interact with them and send them emails and those emails will sit on Google's servers, even if you don't trust in Google. Unless the other person who's a Google user gives you a way of encrypting the emails, you have no other choice than handing over your data and your communications to Google.

So, encryption sounds really nice, but why is no one using it. Well, it turns out that it's really hard. When Snowden asked Glen Greenwald for his PGP encryption key, Snowden tried to install the software but failed many times to do so. Even after Snowden sent him a step-by-step video that you can find on Vimeo about how to set up encryption.

At Open Whisper Systems, we don't think it has to be that hard. We think that making encryption accessible to anyone is one of the only ways we can fight dragnet surveillance. Making useable encryption is something we need to work on, but we are already using forms of encryption. For example, TLS, when you're banking online. TLS is the encryption key that's used to protect your emails on the wire, so that adversaries can't get a hand on your emails. And TLS is usable. When you're going to a website that supports TLS, it's very easy to see that there's a small green lock in your URL bar and that the communication is secure. And the best news of all is that it works. We know that the NSA had to break into Google's data centres to get access to the information because they were unable to break the encryption.

But protecting the information on the wire is not enough. We need to make sure that they are not able to break into Google's data centre to take your data or that Google is not mining the data on their servers without you knowing it. So we need to shift to what's known as end to end encryption.

The issue is that with end-to-end encryption comes a lot of new challenges. Search is the biggest one. You want to be able to search for your emails on all your devices and with encryption, you can't tell the server, search in all my emails, because the server has no key and doesn't have your encryption key to index the emails.

With end-to-end encryption comes new challenges, sure, but we can solve them and this needs to be an effort where multiple communities are involved. Cryptographers, developers and designers who know how to make good looking and usable apps, and together we can make usable cryptography.

As we're designing this cryptography, we don't only need to think about the threat model this days, but also think about the future of the threat model, as intelligence agencies are no more able to intercept your emails on the wire and they won't be able to break into Google's data centre.

The next thing they will be going after are your personal devices, so it's also our responsibility to make sure that even if they break into your device, the data is locally encrypted too.

I think that together we can make end-to-end encryption safe, more easy to use and free as in freedom. Thank you.