The Encryption Paradox
Encryption’s very strength, that it is hackproof, is also its biggest weakness. As long as the information is encrypted, the encryption key must be safely maintained. A lost key means the information is unrecoverable and lost forever. The consequences of forever losing the data is often worse than the consequences of being hacked.
Even if there’s a one out of one million chance that the key becomes lost, in many cases, these odds are unacceptably high for the lifeblood of a corporation, military secrets or irreplaceable personal information.
If the key is in the custodianship of the human owner, either on paper or stored in a smart phone, there is too much risk that the key will be lost. Humans forget things, lose paper notes and lose their smartphones all too frequently.
If the key is maintained by a third party service provider, not only does the service provider have access to the data, the key will generally be stored in an unencrypted state making the key itself prone to being compromised or hacked. It’s like having an unbreakable lock on your front door but putting the key under the doormat.
Therein lies the Encryption Paradox – put the key under the doormat so it can never be lost, but risk easy access by unintended outsiders, or put the lone key in your pocket and risk losing it and being forever being locked out of your home.
Governments, militaries and large corporations get around the paradox by using elaborate systems, hardware and processes to provide key redundancies that are impractical on a mass consumer scale.
Messaging services that provide end-to-end encryption get around the paradox by not storing any of the communications. It’s only necessary to safely maintain the key while the information is encrypted, during transmission from one user’s device to another.
Not storing communications can work for some messaging and chat applications, but it is inapplicable to most other forms of communication. With email and collaboration tools, for example, people often need to go back into the history of their communications to find critical information.
Some email services do offer end-to-end encryption, along with stored emails in an encrypted state, but they don’t address the paradox. Rather, they store the key on the user’s hardware, which comes with high risk of losing the key.
TLS encryption, commonly used with email, only applies while the email is in transmission. Even with TLS, emails are stored in an unencrypted state on both the sender’s outgoing mail server and receiver’s incoming mail server.
The Encryption Paradox makes it clear why encryption hasn’t become a common practice when it comes to stored data, and in particular data stored in the cloud. Innovations that solve this paradox are needed before encryption can be widely adopted throughout the Internet.
In the meantime, if there are contingency services to losing the key, it probably means a copy is stored in an unencrypted state, mitigating the benefits of encryption. If there are no backups, users must be aware of the consequences of losing their key. Either way, Buyer Beware applies to using any sort of encryption for stored data.