There is no such thing as perfection when it comes to security and privacy. There is simply a solution which is so hard to circumvent that it’s not worth whatever is kept behind it.
When it comes to modern digital encryption standards, however, the difficulty level involved is truly astronomical. In practical terms, it’s basically impossible to crack the type of encryption used to secure online credit card information and other sensitive data. Quite simply, the technology that’s capable of doing it doesn’t exist yet.
This is why encryption is such a popular way to secure information on the web and on our computers and other digital devices. That doesn’t mean encryption is always the right solution. Just like anything in life, there are benefits and disadvantages to using encryption. These are the ones most relevant to the everyday user.
Pro: Your Data is Safe
The gold standard when it comes to breaking the encryption on a given set of data is how long it will take to crack by using brute force. This simply means how long it will take to guess every possible combination of the secret key that will decrypt the information.
For something like AES with a 256-bit key even the might of the best supercomputers we have today would take more time than the universe itself has left. Not to mention the literally astronomical power needed to complete the task.
Which means if someone steals your encrypted hard drive, device or cloud data you are almost guaranteed to be OK. Unless some other vulnerability comes into play. As for the encryption itself? As of now, it’s safer than Fort Knox.
Pro: Encryption is Easier than Ever
No matter how good a given technology is if it’s hard to use people will avoid it. Implementing encryption used to mean that you had to be rather well-versed in cryptography. Over time encryption has become incredibly easy to implement.
For website owners, configuring HTTPS encryption for their websites no longer needs high levels of web admin kung fu. HTTPS is such low-hanging fruit that browsers like Google now expect every site to have it. If they aren’t equipped with this encryption, the browser will show a big red warning sign.
Encrypting computers, devices, documents and portable storage is also now dead easy. In some cases, users don’t even know that they are using encryption. For example, if you are using a recent iPhone, then encryption is the default as long as you set a passcode.
So there’s no real argument against using encryption based on how hard it is to implement. Sure, the technology is incredibly sophisticated, and you probably shouldn’t try to invent your own algorithms, but using what’s out there is pretty easy.
Con: You Could Lose Your Data
While this would be pretty ironic in some ways, it’s a real and serious risk. Which creates an incentive to store keys in a way that’s perhaps less secure than is ideal. Like any powerful tool, you need to use encryption carefully so that you don’t end up burning yourself instead of protecting yourself.
Con: It’s Only as Good as Your Password
When you use encryption to protect files, disks or entire devices the key is often a password you choose for yourself. Unlike solutions such as AES-256 with incredibly long, random keys, human passwords are much easier to break.
Because our brains aren’t great at remembering truly random strings of characters we tend to pick passwords that are easy to remember and short. That makes the job of a hacker (or government) who gets their hands on the encrypted data easy.
For example, non-random passwords that contain common words can be broken by using something known as a dictionary attack. There are orders of magnitudes fewer word combinations then there are random alphanumeric combinations. So this cuts the brute force time down to practical levels.
The most important thing you can do to counter this rather serious con of encryption is to create strong passwords. Luckily we already have a guide on making strong passwords, so be sure to give it a look.
Con: There are Performance Penalties
Wherever you use encryption, you are introducing an extra step in the data retrieval and transmission process. Not only that, encryption involves the application of very sophisticated mathematical operations to every (literal) bit of data. Which puts extra pressure on the system’s processor.
The good news is that modern computing systems are so powerful that the extra overhead of encryption generally makes no difference to the average user. That being said, you should assess exactly what sort of performance impact encryption will have in the context where you will use it. It’s also important to understand that the performance of the various encryption solutions is different. Which means the need for speed and security have to be carefully balanced against one another.
Encryption is Here to Stay
Whether encryption is the right security measure for a given use case or not, there can be no doubt that this technology is here to stay. While the seemingly-unbreakable encryption of today could one day be broken by radical technologies, the art of encryption itself is sure to evolve. Right now untold numbers of engineers, scientists, programmers and other very smart people are working on the next generation of encryption tech. While the details may change, it’s unlikely the need for encryption ever will.