Mok-Kong Shen
2015-07-24 16:02:09 UTC
The following two paragraphs are quoted from a recent article
"Why We Encrypt" of Bruce Schneier
(https://www.schneier.com/crypto-gram/archives/2015/0715.html):

"Encryption should be enabled for everything by default, not a feature
you turn on only if you're doing something you consider worth
protecting."

"This is important. If we only use encryption when we're working with
important data, then encryption signals that data's importance. If only
dissidents use encryption in a country, that country's authorities have
an easy way of identifying them. But if everyone uses it all of the
time, encryption ceases to be a signal. No one can distinguish simple
chatting from deeply private conversation. The government can't tell
the dissidents from the rest of the population. Every time you use
encryption, you're protecting someone who needs to use it to stay
alive."

Obviously a difficult problem is how the common people could be well
motivated to do some additional work in sending their emails encrypted,
which could be nontrivial when the encryption work is required to be
secure (including freedom of risks of the genre of Heartbleed in case
of open-source software and freedom of risks of backdoors in case of
closed-source software).

In my humble view, email software could greatly assist the common
people to do what Schneier recommends in the above citation, if it has
the following features:

(1) The software provides at least one symmetric and one asymmetric
encryption software for users to employ, with open-source codes that
are in practice at least within the capability (and time resource) of
those attaining certain advanced level of programming knowledge to
critically examine.

(2) Users could easily integrate their own encryption software to be
conveniently employed.

(3) When users don't have materials that need to be sent with
encryption and hence the emails are sent in plaintext, the software
would automatically propose to send as attachment an appropriately
generated dummy file that appears to contain their encrypted materials.
(If many users accept this, it would greatly enhance the loading of
the computers of the adversary.)

I should much appreciate comments and critiques to the above.

M. K. Shen