For many people, the first time they heard about encryption backdoors was in 2015, when the technology firm Apple was compelled by the FBI through several court orders to allow access to one of its products used by a terrorist.
One of the first questions asked might be, what is encryption?
Data can be stored in a format that anyone can read. However, what if the data is sensitive, such as financial information? In the same way, you might put valuables in a safety deposit box that only someone with the right key can access, so you might try to keep your valuable data secure from unauthorized users.
The key to securing data is encryption. When data is encrypted using a key, only those with the correct password (or key) will access the original data.
The transmitter uses an encryption key and an algorithm or cipher to send encrypted data. At the receiving end, the person also has a key. These keys work similarly to actual physical keys in locking and unlocking data.
Most systems being used today use encryption and authentication are required to obtain access.
- Using a password to access your bank records online
- Using a code to unlock your phone
- Using a fingerprint, authorized card, or facial recognition software to open apps
These systems generally work well as safeguards of private information. For example, if someone steals your laptop or phone, they can’t automatically access your data.
An encryption backdoor can be likened to a spare key. Like a spare key, an encryption backdoor allows a secondary way to have access.
Backdoors allow manufacturers, for example, to access data on one of their devices. Types of backdoors include a piece of code, a remote part of an operating system, a special key, or an external tool.
The reason an encryption backdoor exists is the same reason people keep spare keys. They might be worried they will lose their primary key and want another way to get into their home. Or they may want to allow someone else access to their house when they are not there.
These are valid and useful reasons to have a spare key; however, there are also valid and useful reasons to have an encryption backdoor.
For example, in the case of Apple vs. the FBI, while Apple didn’t want to give backdoor access, the FBI demanded it gains access after the terrorist had died. By having the data on that phone, officials hoped to be able to save lives.
Unfortunately, there are also downsides to having an encryption backdoor. This vulnerability makes a device with such a backdoor more susceptible to being hacked. Furthermore, it allows those with malicious intent to gain access.
Most tech companies want to protect user privacy. The government wants to be able to access data for legal reasons. However, there is no guarantee that it will remain private once a backdoor is revealed. This is an ongoing debate regarding encryption backdoors. You can stay up to date with every technological advancement in encryption on Micro Focus.