Just like you use encryption to make a message unreadable for an unauthorised person, you can do the same thing with files as well. In this chapter, we will focus on software that is specifically designed for data encryption. Those programs will come in handy if you want to encrypt many files at once, a full disk or a mobile device. Once the data is encrypted, it is called ciphertext, while unencrypted data is called plaintext.
Data encryption is so effective that some countries even make using encryption a crime, require a licence to import/export encryption technologies (e.g. China) or can legally force individuals to decrypt their locked data for law enforcement. Especially the latter is shockingly common, even in Western countries. How can these countries have the impudence to call themselves democracies?
If you want to know who we mean, you can check which countries have such laws at the GP Digital website. Look for the section “Obligations on individuals to assist authorities”.
Modern data encryption is almost impossible to crack. We cannot give you an exact number here. No one can do that with accuracy, since it depends on many factors, like algorithms used, processing power and methods used for the attack.
As a rough estimate, we will mention a study from the École Polytechnique Fédérale de Lausanne (EPFL, university in France). The researchers set up 400 modern computers and tried to crack a mathematical equation equal to an RSA 700 bit key. It took the 400 machines over 11 months to complete the task. With stronger keys, it would have taken years. We are still far away from quantum computing. As long as there are no quantum computers, this will always take that long.
You should, however, keep in mind that data encryption uses computers and their power together with sophisticated algorithms. These methods are designed for the sole purpose of preventing being cracked. So unless you use an exploit, it could literally take millennia. For message encryption, there is currently no known exploit that circumvents it, the same applies to the file encryption methods in this chapter. The only method is trying all possible passwords and keys in a brute-force attack and that is slow.
At BetterBuys.com and HowSecureIsMyPassword.com, you can estimate how long it would take to crack a simple password. Now, file encryption is many times stronger than a simple password, so you can imagine that it would take a ridiculous amount of time.
To get back to the results of the study from EPFL, there is one more thing you should know: Nowadays, most people use 4,096 bit RSA keys for message encryption, so you can imagine that this will take much longer. Time to decrypt grows exponentially with the key length.
But police can crack it, right?
No, absolutely not! Continue reading.
When an intelligence agency or law enforcement tells the press that they have cracked encryption, that is always a lie! An example can be found in our article on Telegram Messenger.
Mainstream media loves reporting on how a few constables, dressed like the Village People, have defeated a powerful computer chip with ease. In some criminal cases, they were able to capture encrypted data in plaintext. Do not be mistaken, they did not actually crack anything!
Getting the original unencrypted data is always done by using keyloggers or installing malware on the machine of the person that uses encryption. Malware that they often use is screen capturing software, trojans or software that reads encryption keys from memory. The latter is done to circumvent full-disk encryption. Such attacks will capture the data before it even gets encrypted.
Data encryption will protect you from many things, but you are not safe if your computer is compromised.
“As you see, police just use hacking, like every other computer criminal. The government authorities of the 21st century are very fond of working on the borderline of illegality.” — InvisibleUser
More information on how police and governments attack their own citizens with extremely advanced malware can be found in our article “Government Hackers are a Threat to Society“.
You should never reveal your private key password to anyone. This would make things much easier for an attacker. If you give away the password to your encryption keys, they do not even have to manipulate your machine or (unsuccessfully!) try to crack the data encryption.
When law enforcement attempts to get your password, because they cannot crack the encryption otherwise, they will threaten you.
Do not fall for that! They are completely stuck and useless, unless YOU give up YOUR password.
Trying to scare you with financial damage (extra payments), loss of freedom and even violence are common tactics police will use. That even happens in Europe and North America. In authoritarian regimes on the other hand, they will probably torture or execute you if you do not help them out. (They will usually execute you and your entire family regardless of whether you give them the passwords.)
Data encryption will 100% protect you! The weakest link in cryptography will always be human error and being stupid. As stated above, encryption is extremely strong. Would it really matter if we told you that it takes 500 or 1000 years to crack? No, any data that takes more that a year or two to decrypt is unlikely to be used as evidence against you.