Since the dawn of the Web and ubiquitous free e-mail services over the past two decades, the need to secure personal information online has been evident but often ignored. Last month’s exposure of the U.S. National Security Agency’s PRISM program for collecting data on individuals suspected of plotting terrorist attacks, spying or other forms of malfeasance has helped bring privacy issues back into the spotlight. In fact, the news about PRISM even encouraged some prominent Internet pioneers to condemn the practice and call for renewed efforts among Internet users and their service providers to encrypt more data, to protect it from prying eyes.
Vint Cerf, Google’s chief Internet evangelist and co-developer of the TCP/IP communications protocol that makes the Internet tick, recently told The Times of London that computer scientists should devise an anti-snooping solution for the Web using encrypted communication. Cerf encouraged developers to reexamine how some of the Internet’s core security features—in particular Internet Protocol Security (IPsec)—were designed to enable end-to-end cryptography.
Unfortunately, cryptography’s ability to thwart online surveillance or theft comes with a number of caveats and qualifications. Cerf’s comments highlight a key difficulty in using encryption to protect data as it traverses the Internet and comes to rest on a computer or storage drive. Given the diversity of the digital terrain, data is rarely encrypted from start to finish. Even when data is encrypted in transit from one computer to another in a network, it often must be decrypted at each point and reencrypted when handed off to the next computer. If any of these way stations—whether a PC, a Web server or a piece of networking equipment—is not well protected, unencrypted data is left vulnerable to prying eyes.
Data at rest
There are several programs available for encrypting data once it is stored on an end point like a PC or laptop—including Microsoft BitLocker, Apple FileVault, PGPdisk and TrueCrypt. These programs typically create an encrypted volume on the hard drive or encrypt the entire hard drive using a key derived from a password that you type in as part of the start-up process.
The catch is that users have to actively set up these programs. They don’t run by default, and many people don’t even know these programs exist.
Data in transit within the network can be encrypted using a number of different approaches, says cryptographer Paul Kocher, president and chief scientist of Cryptography Research, a designer of data, computer and network security systems. A widely used example is a password-protected wi-fi network, where the password is essentially used as an encryption key or to derive encryption keys so that data going from your machine back to the router is only accessible to people who know that password. Pretty Good Privacy (PGP) and Secure/Multipurpose Internet Mail Extensions (S/MIME) are a couple of other common encryption technologies but are limited primarily to e-mail transactions.
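The two password-derived keys described above (the disk-encryption key unlocked at start-up and the wi-fi network key) can be sketched as follows. This is an added example, not code from the article or from any product it names. The wi-fi function follows the WPA2-Personal derivation (PBKDF2-HMAC-SHA1 with the network name as salt); the volume-key function, its iteration count, the header check and all passwords and network names are constructed assumptions for illustration.

```python
import hashlib
import hmac
import os


def wifi_master_key(passphrase: str, ssid: str) -> bytes:
    """WPA2-Personal master key: PBKDF2-HMAC-SHA1, SSID as salt, 4096 rounds."""
    if not 8 <= len(passphrase) <= 63:
        raise ValueError("WPA2 passphrases are 8 to 63 characters long")
    return hashlib.pbkdf2_hmac("sha1", passphrase.encode(), ssid.encode(), 4096, 32)


def volume_key(password: str, salt: bytes, rounds: int = 200_000) -> bytes:
    """Hypothetical disk-volume key. Real products use their own KDFs and settings."""
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, rounds, 32)


def key_check(key: bytes) -> bytes:
    """Tag stored beside the volume so a wrong password is detected without storing the key."""
    return hmac.new(key, b"volume-header-check", hashlib.sha256).digest()


def unlock(password: str, salt: bytes, stored_check: bytes) -> bool:
    """Re-derive the key from the typed password and compare tags in constant time."""
    return hmac.compare_digest(key_check(volume_key(password, salt)), stored_check)


if __name__ == "__main__":
    # Constructed sample values, not taken from any real network or disk.
    a = wifi_master_key("correct horse battery", "HomeNet")
    b = wifi_master_key("correct horse battery", "HomeNet")
    print("same password, same network -> same key:", a == b)
    print("same password, other network -> same key:",
          a == wifi_master_key("correct horse battery", "CafeNet"))

    salt = os.urandom(16)  # random per volume, stored unencrypted in the header
    check = key_check(volume_key("start-up password", salt))
    print("right password unlocks:", unlock("start-up password", salt, check))
    print("wrong password unlocks:", unlock("start-up passw0rd", salt, check))
```

Every device that knows the wi-fi password derives the same master key, so the protection is only as strong as the password and as private as the group of people who share it.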
The Secure Sockets Layer (SSL) protocol offers a broader example of how data can be encrypted in transit. In the mid-1990s Kocher helped develop SSL, a cryptographic protocol used to encode communications over TCP/IP networks, for Netscape as a means to transmit private documents via the Internet. SSL uses a cryptographic system with two keys—a public key to encrypt the data and a private key, known only to a message’s recipient, to decipher it.
If used properly, SSL encrypts a user’s data from their Web browser to the Web server. The browser can use SSL, for example, to authenticate that your computer is communicating with an actual Web site as opposed to an imposter set up to steal data or spread malware. (Note that URLs requiring an SSL connection start with “https” instead of “http”.)
The primary limitation of protocols like SSL is that the security depends on the machines on each end. If either of those devices has been infected with a virus or some other malware, decryption keys on that machine can be stolen, leaving data in transit vulnerable to theft or tampering. Given that encryption algorithms themselves tend to be very strong, it is more likely that a thief or eavesdropper will enter through something akin to a side door rather than try to break that algorithm and decrypt the data, Kocher says. “The end points are inevitably weaker than the mathematics of the algorithms.”
Another threat to SSL comes in the form of so-called “man in the middle” attacks, in which the attacker intercepts messages and then retransmits them. This is done in such a way that the two original parties still appear to be communicating with each other. Pop-up warnings normally caution users when this might be happening, but users often dismiss such warnings without realizing the consequences, Kocher says. (One such warning informs Web surfers: “This Connection Is Untrusted,” and offers the options “Get me out of here!” to terminate the connection or “I Understand the Risks” to proceed.)