DEV Community

Lane Wagner for Boot.dev

Posted on • Originally published at qvault.io on

They Who Control Encryption

Anyone who has seen the movie The Imitation Game, or studied computer science in school, probably has at least a brief understanding of Enigma, Alan Turing, and some of the other fun cryptography that went on during WWII. During this time and until the 1970’s, governments from around the world had near total control of all cryptographic systems.

Public key cryptography was invented in 1976 by Whitfield Diffie and Martin Hellman. This new kind of asymmetric cryptography not only revolutionized cryptography, but also allowed it for the first time to be used by the public.

Crypto Wars

source

When public key cryptography was first invented, the NSA tried to restrict access and keep the work classified. The NSA and military were the only entities in the USA with access to secure encryption standards. Ever since access to strong encryption was given to the public, the government has used many tactics to keep a stranglehold on encryption.

During the cold war the USA classified encryption technology as munitions, which allowed the State Department to control exports of the technology. In other words, even if Americans made discoveries and advances in technology, they couldn’t necessarily share those discoveries with people of other nations.

The clipper chip was an attempt by the Clinton administration to get companies to use a specific chip for encryption which the government had back-door access to.

Clipper Chip

In 2013 Edward Snowden revealed that the NSA had a secret project called Bullrun with the goal of cracking encrypted communication in order to gain access to the citizenry’s private information.

In 2014 James Comey, then FBI director, called for front-door access to all secure communications via keys given to the government by companies offering encryption products.

James Comey, FBI

In 2019 American congressman Brad Sherman called for congress to pass legislation that would make Bitcoin and cryptocurrency purchases illegal.

It is Never Over

We thought the crypto wars had ended in 2005, with Part I of the Electronic Communications Act 2000 being removed, and open source encryption widely available for public use. It is clear however that there are still those in power that would have the government be able to control and censor all financial transactions and communications online.

Stay safe online, and keep your liberties in mind. Liberty and freedom are not granted by government, they are simple human rights that should be protected at all costs.

Top comments (4)

Collapse
 
thefern profile image
Fernando B πŸš€

I wonder if NSA can read my pgp encrypted emails. 😭

Collapse
 
ut4utc profile image
ut4utc

Only if you make your own crypt-software - you can be safety.

Collapse
 
rafaelcpalmeida profile image
Rafael Almeida

I disagree with your opinion. Open Source software is much more reliable than "homemade" software because of the huge community behind.

Collapse
 
ut4utc profile image
ut4utc

This is not true. Because we can show companies who buy security hall and then use it for spy and keep these vulnerabilities secret.

Snowden and WikiLeaks showed by example that, in the United States, Anb actively exploited vulnerabilities to create viruses like the ones that Stuxnet. I'd add: it is very easy to find vulnerabilities when open source is in front of you.

Try to find the code in the code that you do not have! Yes, and the state always has a way of pressure - blackmail, threats, landing in a prison on a fabricated case, and in this case, an activist who wrote the open-source code can with this pressure make a deal with the state / ANB / CIA and just gangsters who threaten his daughter / to the son / him, and enter a small piece of code with an error that other participants of the project simply will not notice. and the whole system will be compromised.

I came across this in my country. we are now in a war in my country, I know how people can use blackmail / beating / bribery for all of this .. therefore the surest option is if you yourself wrote something and use it yourself, and not some third-party black a box, if you are certainly not such a cool expert who can revise the entire code, validate it for the absence of a vulnerability.

There are very few such people, and we are talking about the security of society - millions of people are not professionals in the code.