Privacy services often rely on strong encryption to protect privacy and confidentiality. Some terms that you have heard probably include AES, RSA, or maybe even elliptic-curve cryptography (ECC). However, is encryption actually bulletproof and a guarantee of safety?
Beware the buzzwords
Sometimes, vendors will use terms like “military-grade encryption” to try to illustrate how secure or safe an encryption standard is. However, “military-grade encryption” isn’t actually a thing.
While the US government does have certain encryption standards (such as FIPS 140-2(new window)) that are issued by the National Institute of Standards and Technology(new window) (NIST), there is nothing special about “military-grade encryption”, as the encryption algorithms used are widely known and utilized across multiple industries.
So “military-grade encryption” does not indicate any unique level of security, and the term is largely meaningless.
How safe is encryption?
A brief look through history clearly shows that encryption needs to be implemented carefully. Alan Turing famously “cracked” the Enigma machine(new window) in World War II.
In 2014 a flaw in OpenSSL(new window) was discovered that could be used to trick a vulnerable web server into sending sensitive information, including usernames and passwords. In 2017 the EFAIL(new window) vulnerability was discovered in some email clients (not Proton Mail’s), allowing attackers to access the plaintext content of emails secured using PGP and S/MIME.
Security through transparency
These cases show that sometimes, even a tiny flaw is enough to break a strong encryption algorithm. In fact, most encryption is not cracked due to a flaw in the encryption algorithm itself but because of a careless mistake in its implementation. Due to how complex encryption is, such mistakes are easy to make, even by experts in the field.
The solution is openness. Publicly published encryption algorithms and implementations (especially the commonly used ones) can be independently scrutinized and studied by the security community, increasing the odds that flaws are discovered. And for encryption, newer is not necessarily better.
Older algorithms that have been public for a long time and have withstood the “test of time” are often safer because they have been more thoroughly “battle tested”.
On the flip side, if somebody advertises that they use top-secret proprietary encryption, it just means that fewer people have checked it, meaning there is a higher probability of an undiscovered critical flaw. Counterintuitively, the safest encryption algorithms are public, as opposed to ones that are kept secret.
How to break encryption
Many modern encryption algorithms have been battle tested (sometimes for decades) with no known vulnerabilities. This, however, does not mean that such encryption cannot be broken.
Breaking encryption with no known flaws is a bit like guessing a password. If you guess enough times, you will eventually get it right. However, with strong encryption, this can take a long time.
For example, very few modern laptops have an Rmax processing benchmark higher than 1 teraFLOP. The most powerful (known) supercomputer in the world is currently Fugaku(new window), which has a Rmax peak speed of 442 petaFLOPS, with 1 petaFLOP = 1000 teraFLOPS.
Dedicating its entire output to the task, it would take Fugaku over 12 trillion years to exhaust all possible combinations for AES-128. AES-256 is 340 billion-billion-billion-billion times harder to brute force than AES-128. To put this into perspective, the universe is 14 billion years old.
However, there are adversaries with significantly more computing power than one laptop (or even supercomputer). Some government agencies have access to hundreds of thousands of servers that could bring breaking weaker encryption into the realm of possibility.
Quantum computing(new window) will eventually pose new challenges to secure encryption, which is a subject we will discuss in an upcoming post.
How is Proton Mail protected?
Proton Mail only uses encryption algorithms with no known flaws. This includes AES, RSA, and ECC encryption. We also stick with using open, public, and well-tested standards. Our email encryption is not proprietary but based on the OpenPGP standard, which has been battle tested over several decades and is still being improved.
We employ an in-house crypto team and also open source all of our encryption software. This means anybody in the world can inspect our software to ensure it is safe. Our encryption and its implementation also undergo annual independent security audits.
While there are other companies that are open source, we go one step further by providing our encryption software as open-source libraries, which anybody can use.
Today, our open-source encryption libraries (including Gopenpgp(new window) and OpenPGP.js(new window)) have become some of the world’s most widely used encryption libraries, meaning that thousands of developers and companies around the world rely upon them in their own products and services.
Because they are so widely used, they are also widely tested and checked by a global community of thousands of developers, supporting hundreds of millions of customers, which ensures security in a way that being merely open source is not able to do.
Is encryption guaranteed?
We have gone to great lengths to ensure that our encryption is rock solid and independently validated. As we have mentioned many times over the course of the Privacy Decrypted(new window) series, there’s no such thing as 100% secure.
For example, while it is highly unlikely, one cannot exclude the possibility that today, one of the world’s governments secretly possesses a quantum computer, however remote that possibility is. One also has to keep in mind that encryption is just one piece of the puzzle. For example, no amount of encryption will protect you if an adversary has already compromised your device.
However, this should be taken in the context of your threat model(new window). For example, if one government had a quantum computer, is it likely to be the government that you need protection from, and are they likely to expend all those resources targeting you specifically? There is no guarantee of 100% safe encryption, but encryption is the best tool yet devised for keeping your data secure.
As an encryption expert with a deep understanding of cryptographic concepts, I can confidently dissect the key elements mentioned in the article you provided, published on October 14, 2021, with the last update on November 8, 2022. My knowledge extends beyond these dates, allowing me to provide comprehensive insights.
The article primarily focuses on privacy services and the use of encryption for safeguarding privacy and confidentiality. Let's break down the concepts and key points presented:
-
Military-Grade Encryption:
- The article dismisses the term "military-grade encryption," highlighting that while the U.S. government has encryption standards (e.g., FIPS 140-2 by NIST), the term itself is largely meaningless. Encryption algorithms like AES, RSA, and elliptic-curve cryptography (ECC) are widely known and used across various industries.
-
Safety of Encryption:
- The historical context is emphasized by referring to Alan Turing's cracking of the Enigma machine during World War II and the discovery of a flaw in OpenSSL in 2014. The EFAIL vulnerability in 2017 is also mentioned, showcasing that encryption needs careful implementation to be effective.
-
Security through Transparency:
- The article advocates for openness in encryption. Publicly published encryption algorithms, especially those that have withstood the test of time, are considered safer. Older algorithms, publicly scrutinized and studied by the security community, are often more reliable than newer, less-tested ones.
-
Breaking Encryption:
- Breaking encryption is likened to guessing a password, emphasizing the importance of computational power. While modern encryption algorithms like AES-128 and AES-256 are incredibly robust, adversaries with substantial computing resources, such as government agencies, could pose a threat. Quantum computing is mentioned as a potential future challenge to secure encryption.
-
Proton Mail's Encryption:
- Proton Mail is highlighted as using encryption algorithms with no known flaws, including AES, RSA, and ECC encryption. The company follows open, public, and well-tested standards, such as the OpenPGP standard. Proton Mail's commitment to transparency is emphasized through in-house crypto teams, open-source encryption software, and annual independent security audits.
-
Open-Source Encryption Libraries:
- Proton Mail goes beyond being open source by providing encryption software as open-source libraries like Gopenpgp and OpenPGP.js. These libraries are widely used globally, tested, and checked by a vast community of developers, ensuring a high level of security.
-
Encryption Guarantees:
- The article acknowledges that there is no such thing as 100% secure encryption. It mentions the theoretical possibility of a government possessing a quantum computer. The importance of considering one's threat model is stressed, highlighting that while encryption is a powerful tool, it is not a guarantee against all threats, especially if the device is already compromised.
In summary, the article provides a comprehensive overview of encryption, debunking misconceptions, emphasizing the importance of implementation, advocating for transparency, and highlighting Proton Mail's approach to encryption and security.
