Corrupting Caesar's Cipher

Demonstrating simple encryption and a pernicious backdoor


The Apple vs. FBI case may be over, but debates surrounding encryption are sure to continue. You're not alone if you think aspects of the controversy seem to require a computer science degree to understand. This site illustrates some of the basic technical principles involved to help even non-geeks weigh in. Begin by reading up below, or skip straight to the demo.


What is encryption?

Encryption is an ancient method of protecting confidential information. It helps to ensure that messages or other data can only be understood by their intended recipients.

Julius Caesar, for example, reportedly used a shift cipher for his military correspondence. In a shift cipher, each letter is replaced by the letter a set number of places further along the alphabet. A common example is the ROT13 ("rotate by 13 places") cipher, in which each letter is shifted by 13 places. For example, "A" ↔ "N", "B" ↔ "O", and "CAESAR'S CIPHER" ↔ "PNRFNE'F PVCURE". Anyone with the key to the cipher can understand the message pretty easily. To anyone else, the message is likely to look like gobbledygook.

Secure modern encryption uses far more complex methods to protect your data. Nonetheless, consider two points with this example in mind:


The importance of strong passphrases

Today, secure communications techniques usually rely on computers to run complex algorithms. In typical modern use, encrypting and decrypting data requires authentication, such as a password or a longer passphrase. Without your passphrase, a hacker would only be able to see encrypted data. She would have to break the encryption (e.g., for Caesar's Cipher, figure out she needs to shift each letter by 13 places in the alphabet) to be able to read your data. But with your passphrase, a hacker can access it just as you would. Therefore:


Backdoors

If the company that wrote the program you're using builds a "backdoor" into the program, it creates an intentional security defect, a technical method of accessing your data without either cracking the encryption OR figuring out your passphrase. Even under ideal circumstances, no one can guarantee that any particular backdoor will always remain known only to authorized parties who will use it legally and morally. Therefore:


A demonstration

Here, the situation plays out from the hacker's point of view. In a normal case, if the hacker's passphrase does not match yours, Caesar's Cipher will protect your data.

If, however, the hacker becomes aware of a backdoor—through whatever means—she can gain access to your data no matter how convoluted your passphrase is, and even if the encryption is much stronger than Caesar's Cipher. For this example, the backdoor takes the form of a master passphrase. Use it below by typing "Collect it all!" as the hacker's passphrase.


Click here to try it
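
The scenario above, written out as a short Python example that is added here and is not the demo's own code: a toy vault stores a ROT13 ciphertext and releases it only when the passphrase check passes, and the backdoored variant also accepts the master passphrase named on this page. The Vault class, the sample message and the owner's passphrase are assumptions made for illustration.

```python
import codecs
import hashlib
import hmac
import os

MASTER_PASSPHRASE = "Collect it all!"  # the backdoor passphrase named on this page


def passphrase_digest(passphrase: str, salt: bytes) -> bytes:
    # Keep a salted, slow hash of the passphrase rather than the passphrase itself.
    return hashlib.pbkdf2_hmac("sha256", passphrase.encode(), salt, 100_000)


class Vault:
    """Toy store (hypothetical): ROT13 ciphertext released only after a passphrase check."""

    def __init__(self, message: str, passphrase: str, backdoored: bool = False):
        self.salt = os.urandom(16)
        self.verifier = passphrase_digest(passphrase, self.salt)
        self.ciphertext = codecs.encode(message, "rot13")  # Caesar shift of 13
        self.backdoored = backdoored

    def unlock(self, attempt: str):
        """Return the plaintext if the attempt is accepted, otherwise None."""
        ok = hmac.compare_digest(passphrase_digest(attempt, self.salt), self.verifier)
        if self.backdoored and hmac.compare_digest(
            attempt.encode(), MASTER_PASSPHRASE.encode()
        ):
            ok = True  # intentional defect: skips the owner's passphrase entirely
        return codecs.decode(self.ciphertext, "rot13") if ok else None


def demo():
    # Constructed sample data: the owner's passphrase and the guess are made up.
    owner = "a long and convoluted passphrase nobody will guess"
    honest = Vault("CAESAR'S CIPHER", owner)
    rigged = Vault("CAESAR'S CIPHER", owner, backdoored=True)
    return {
        "ciphertext": honest.ciphertext,
        "honest/owner": honest.unlock(owner),
        "honest/wrong guess": honest.unlock("hunter2"),
        "honest/master": honest.unlock(MASTER_PASSPHRASE),
        "rigged/wrong guess": rigged.unlock("hunter2"),
        "rigged/master": rigged.unlock(MASTER_PASSPHRASE),
    }


if __name__ == "__main__":
    for case, result in demo().items():
        print(f"{case:20} -> {result!r}")
```

Both vaults reject a wrong guess, so the backdoor stays invisible in ordinary use; the only difference is that the rigged vault opens for the master passphrase however long the owner's passphrase is.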


For more tips on keeping your online information safe, check out EFF's Surveillance Self-Defense Guide.