Skip to main content
  1. Home
  2. Computing
  3. Guides

Even the FBI can’t defeat good encryption – here’s why it works

By

encryption bill underway protects your most private data
Image used with permission by copyright holder
Digital data is difficult to secure by nature. Once a person has access to a file, it’s trivial to move, copy or delete. A single breach can spread a file to literally millions of people across the globe, something that would never be possible with a document that only exists as a physical copy.

That will never change. The ease of accessing, moving, copying, altering, and deleting data is a key trait of all modern computers. Instead, digital data security focuses on creating barriers between the data and those seeking access, so a file never leaves its owner’s control.

Recommended Videos

Barriers like encryption. If you use the Internet, own a smartphone, or have a PC, then your data is at some point protected by encryption, though you may not know it. That’s why the FBI is having such a tough time getting into the phone of a mass shooter, and Apple is so reluctant to help. Defeating its own encryption for one iPhone could potentially defeat it for all iPhones, in the wrong hands.

It’s a complicated problem, but one that’s easier to understand if you know the basics of encryption. What is encryption, and how does it work? Hold on to your butts, because it’s time for some maths.

Child’s play

When I was a kid, I came up with a secret code that I thought was very clever. I’d write a message by substituting every letter with one six steps higher in the alphabet. So an A became G, and so on.

Silly as it may seem, this is a basic form of encryption. First, imagine each letter as a number. A corresponds to one, Z corresponds to 26, and so on. The cipher for my childhood code, mathematically speaking, became (x)+6, where (x) is the number corresponding to the letter I meant to communicate. Of course, the math loops above 26, since there’s only 26 letters in the alphabet. Thus, a Z became an F.

qwerty-card-password-protection-encryption
Image used with permission by copyright holder

So, to reiterate, my cipher turned an A to a G because that was the result of one (the number corresponding to A) plus six.

This is a very basic form of encryption. A set of data, in this case the letters of the alphabet, has a mathematical algorithm applied to it. It’s terrible encryption, since it wouldn’t take much effort to identify patterns in my garbled words, and then work out the code. Still, the example covers the basics.

Diving into the deep end

The code I came up is a bit like a code used in the Roman Empire called Ceaser’s Cipher. Modern encryption is a lot more complex. A number of techniques have been invented to further garble the data. That includes the literal key to modern encryption techniques – the encryption key. I’ll explain, using the popular AES standard as a basis.

No modern computer can break 256-bit AES, even if it’d started working on the problem at the beginning of the universe.

Understanding the encryption key in detail requires mathematical knowledge that most people simply don’t have, so I’m not going to try and cover every step. To put it as simply as possible, the original data goes through an “exclusive or” function alongside the value of the key. The function registers false if the inputs are the same, and true if they are not. If you’re familiar with computers, you’ll immediately recognize this false/true function is binary, and so it generates a new set of binary data from the input of the original data and the key.

Then, to make it even harder to crack, AES uses a number of additional steps such as confusion, the technique I used to make my childhood cipher. After those several additional steps, the encryption is complete. Decryption reverses the steps to find the original message, but only if the key is known, since it was used to complete the encryption functions.

You’ve probably at some point heard that encryption keys come in different types, like 64-bit, 128-bit, and 256-bit. The more bits in the key, the harder it becomes to decrypt, because the original data is more thoroughly muddled through the “exclusive or” and successive steps.

And when I say difficult, I mean difficult. You’ve likely heard that the FBI wants Apple to help it bypass the security of an iPhone used by a suspect in the San Bernardino terrorist attack. That phone is protected by 256-bit AES encryption. No computer currently in existence can break 256-bit AES through brute-force even if it’d started working on the problem at the beginning of the universe. In fact, it would take hundreds of billions of years for a modern supercomputer to crack 256-bit AES just by guessing.

Getting around the impossible

While impossible is a strong word, it’s applicable to current technology, and current forms of encryption. A brute force attack against today’s best algorithms isn’t feasible.

Yet you’ve probably heard, time and time again, of attackers taking down encryption. How can that be? Sometimes this occurs because of the use of an old encryption method that’s been cracked. In other cases, it’s due not to a weakness of the algorithm used, but instead a problem with how it was implemented.

The iPhone that the FBI can’t crack is an example of well implemented encryption. A PIN is used to secure the phone, but it rejects unsuccessful attempts with a lockout time that becomes longer and longer after the fourth try. After ten unsuccessful attempts the phone wipes itself clean. It’s not possible to get around the PIN by loading new software, because firmware can only be loaded onto an iPhone if it’s signed with a specific code only Apple knows. And encryption is applied by a chip that’s between the phone’s flash storage and the main system memory, so it’s not possible to physically hijack the data.

apple-iphone-6s_7855-1500x1000-720x720
Image used with permission by copyright holder

That’s a lot of security, and each barrier represents a potential hole. It’d be possible to simply re-try the PIN until the correct one was found if the iPhone did not reject successive attempts. The phone’s memory might be transplanted to a different device if it wasn’t encrypted by a chip within the phone. Firmware that’s not properly secured would let a hacker load their own custom firmware to disable the phone’s security features. And so on.

Encryption is effective, but sensitive. If the key used to execute it can be discovered, or the software and hardware used to conduct the encryption can be fooled, it’s easily defeated. Key-logging software is a good example. It can “defeat” even the toughest encryption by logging the user’s password. Once that’s compromised, an attacker doesn’t need the slightest technical skill to proceed.

Conclusion

The iPhone is also a great example of encryption because most people don’t realize it’s encrypted while using it. This is true of its implementation more often than not. HTTPS uses encryption to send data securely over the Web. All the major cloud storage providers use encryption to protect data. Even your cell phone’s data voice and data connections are encrypted.

Opaque operation is ideal. Encryption shouldn’t be obvious – at least not when applied to everyday consumer devices. If it were, it might become annoying, and users would seek ways to circumvent it. You’ll find it’s rare that you must do anything to enable encryption.

But it’s still important to know what it is, and how it works, so you can judge the devices you use and be careful about how you use them. User error causes encryption failure far more often than an actual breach of an algorithm. Knowledge can help you shore up the weak spot – you.

Editors’ Recommendations

Topics
Matthew S. Smith
Matthew S. Smith
Former Digital Trends Contributor
Matthew S. Smith is the former Lead Editor, Reviews at Digital Trends. He previously guided the Products Team, which dives…
Best early Black Friday 17-inch laptop deals 2024: Up to 37% off HP, Asus, LG, and more
Dell XPS 17 9370 front angled view showing display and keyboard deck.

Update 11/13/24: We’re still a couple of weeks away from the official launch of Black Friday, but already we’ve seen some Black Friday 17-inch laptop deals come and go. This is likely going to be the case in the lead-up to Black Friday, which is why we’ll be continuing to update this list regularly.

The early Black Friday deals we’re seeing so far have been great if you’re in the market for a laptop. There are a lot of early Black Friday Dell laptop deals, early Black Friday Best Buy laptop deals, and early Black Friday gaming laptop deals to shop. Here we’re looking more specifically at 17-inch laptop, which make a great laptop option if you prefer some screen real estate. There aren’t as many 17-inch laptops on the market as there used to be, with 16-inch laptops taking their place, but we’ve managed to find several that are seeing Black Friday deals.
Asus Vivobook 17 — $330 $530 38% off

Read more
Early Black Friday External Hard Drive and Portable SSD Deals
Digital Trends Best Black Friday External Hard Drive Deals

Update 11/13/24:With Black Friday rapidly approaching, we're doing our best to keep up with all the best external hard drive deals that have been coming out. To that end, we've updated these deals with a few more options, as well as updated pricing. Also, its very much worth checking back as we find more and better deals to add to this article!

Early Black Friday deals are popping up all over the place, with things like Black Friday Dell laptop deals, Black Friday gaming laptop deals, Black Friday tablet deals, and Black Friday desktop PC deals offering some hefty discounts. If you’ve had your eye on any of these, you may also want to consider an external hard drive for some additional storage space. There are several Black Friday external hard drive deals worth taking a look at, and we’ve rounded up the best of them below. Read onward for all of the details, as well as some information on things to look out for if you plan to purchase an external hard drive while these Black Friday deals are taking place.
Crucial X6 SE 1TB external SSD — $80 $100 20% off

Read more
MacBook Pro 16 vs. MacBook Pro 14: here’s which M4 you should buy
The MacBook Pro 16-inch on a table.

MacBook Pros are some of the best laptops money can buy. With the M4 chip now onboard, these laptops have never been so powerful, and the update brings some interesting upgrades, such as the improved 12-megapixel webcam and brighter screen. They're the best MacBooks that have ever been made, and it's a perfect time to pick one up based on upgrade timing.

But just because the entire MacBook Pro lineup is better now, that doesn't mean it's any easier to choose between the two size options that are available. Despite the fact that they include many of the same features, the 14-inch MacBook Pro and 16-inch MacBook Pro feel like entirely different systems due to their contrast in size.

Read more