When I ponder the resurgence of the crypto wars—efforts by officials to restrict the use of encryption by citizens in order to gain unfettered surveillance powers—I am reminded of the unsettling era of the late Middle Ages. Although I did not live during that time, one characteristic of that period remains in my consciousness. From 1337 to 1453, England and France engaged in a series of brutal battles, a conflict that lasted so long it earned the name the Hundred Years’ War.
The current crypto wars have not yet reached such longevity. (In this column, I will reclaim the term “crypto” from its recent and degraded usage by blockchain enthusiasts, many of whom have not read my book from 2001, aptly titled Crypto.) Since the publication of the groundbreaking 1976 paper that introduced public key cryptography—a method of increasing access to encryption just in time for the emergence of the internet—the conflict between encryption advocates and their opponents in positions of power has only been ongoing for almost 50 years.
From the beginning, governments have made steadfast and persistent efforts to restrict or outlaw secure encrypted communications. However, by the turn of the millennium, it seemed as though the battle was over. Encryption was recognized as an essential component of the internet, integrated into every web browser and increasingly incorporated into messaging systems. Government surveillance did not cease—Edward Snowden’s revelations serve as evidence—but certain elements within governments worldwide remained uneasy with the notion that citizens, including the most corrupt among us, could freely share secrets shielded from prying eyes. Periodically, new regulations are proposed, accompanied by alarming scenarios presented by FBI directors concerning the notion of “going dark.”
The arguments presented by the anti-crypto faction have remained unaltered. They argue that if we allow encryption to thrive, we are safeguarding terrorists, child pornographers, and drug traffickers. Nonetheless, the opposing counterarguments are just as persuasive. Without encryption, no one can communicate securely. Everyone becomes vulnerable to blackmail, theft, and corporate espionage. Furthermore, the very last remnants of privacy disappear. Creating a “back door” to enable authorities to gain access to our secret information will only make those secrets more accessible to hackers, thieves, and covert government agencies. Additionally, even if encryption were to be banned, malicious actors would still utilize it, given its well-established technology. Once the toothpaste is out of the tube, it cannot be put back in.
The positive news is that, thus far, encryption has been prevailing. After a lengthy period where cryptography proved too complex for most individuals to utilize, some immensely popular services and tools now feature end-to-end encryption as the default setting. Apple stands out as a notable advocate, and other examples include Meta’s WhatsApp and the reputable standalone system Signal.
Nonetheless, adversaries of encryption persist in their fight. In 2023, new battlefronts have surfaced. The UK intends to amend its Investigatory Powers Act by including a provision that demands companies to furnish government authorities with plaintext versions of communications upon request. This demand is impossible without disabling end-to-end encryption. Apple has already threatened to remove iMessage and FaceTime from the UK if the regulation is enacted, and other providers of end-to-end encryption may follow suit or explore alternative methods to continue operating. Signal President Meredith Whittaker states, “I will never willingly abandon the people in the UK who deserve privacy. If the government blocks Signal, then we will establish proxy servers, as we did in Iran.”