ENCRYPTION FOR ACADEMICS

The title of this post is slightly misleading, as it sounds like what I am going to discuss here is only for academics, but I chose it intentionally to highlight the importance and use of encryption methods in academia. Otherwise, this post is equally applicable to anyone interested in understanding and using encryption tools in their day-to-day life. Before I begin, I would like to confess that I am not a computer scientist and do not understand encryption at the algorithmic level; my discussion will be from the perspective of a keen observer of technology and a user.

Encrypting a document, a folder or a communication via email or chat is about ensuring the secrecy of that digital information while it sits on a computer, is transferred over the internet or is held in cloud storage. It is not just about protecting secret information that has a high economic value, journalists' or activists' activities, spy work or a secret that could cost a human life, but also about ensuring that our day-to-day digital information is not accessed without our consent.

For an academic whose research is all about digital data, encryption plays an important role in keeping research data and communications safe and secure. Below I have listed some state-of-the-art, freely available and highly secure tools that anyone can use without much of a learning curve. By learning curve I am not referring to learning the algorithms these methods are built on, but to changing how we think about the computing we do in everyday life. Almost all the tools mentioned here are plug & play and require anywhere from zero to beginner-level knowledge.

  1. Proton Mail: A free email service (sign up upon request) based in Switzerland, started by academics from MIT and CERN. It performs end-to-end encryption that not only transmits your data through an encrypted channel but also stores your email in an encrypted space on their servers. Proton Mail uses a two-password system: one password for account login, which the server knows, and a second for decrypting the mailbox, which belongs to the user only. This ensures that the emails stored on Proton Mail servers cannot be accessed by the company. Moreover, owing to strict data protection laws in the European Union, only a very high level court or government order can compel the company to share any user information, which in Proton Mail's case can only be the user's account login information; nothing can be accessed from the user's encrypted mailbox.
  2. GnuPG/Enigmail: If you want to send encrypted emails while still using your existing email account, you can use GnuPG (GNU Privacy Guard), a complete and free implementation of the OpenPGP standard (also known as PGP). GnuPG encryption follows a public and secret key model in which the sender encrypts the email using the receiver's public key and the receiver decrypts the incoming email using his secret key. The public key can be publicised openly (usually sent as an email attachment), while the secret key is always kept secret. The public key and secret key combination is unique for each pair and can't be changed in any way. The Enigmail plugin for the Thunderbird mail client lets you easily configure GnuPG for your email address and create a pair of public and private keys by following a simple setup wizard.
  3. LastPass: With the increasing number of useful websites that require user signup, remembering login credentials often becomes cumbersome. This usually leads people either to use the same password for every website they sign up to or to pick a very simple, easy-to-remember phrase. The former has the danger of compromising all of your accounts through the guessing of just one password, while the latter has the danger of your passwords being very easily guessed by a hacker or a password cracking algorithm. Ideally a password should be of a good length, not just a four-character word, and should combine lower and upper case letters, numbers and special characters. A password should almost never be a regular library word, nor a word that can easily be associated with the user. There are many programs that can generate strong passwords and store them either on your local machine or in the cloud. However, not many of them store the passwords in an encrypted space. LastPass not only stores all of your passwords in an encrypted space, it also encrypts the passwords locally on your computer before sending them to the server. Therefore, as with Proton Mail, the LastPass company cannot see your stored encrypted passwords. So if you cannot remember many strong passwords, let LastPass generate strong passwords and remember them for you. But yeah, you will have to remember the LastPass master password, or else you will lose it all.
  4. VeraCrypt: This tool creates an encrypted volume from a folder or an entire disk. VeraCrypt is an extension of the very successful software TrueCrypt, which was abandoned a couple of months ago. Folders or whole disks can be encrypted using the VeraCrypt GUI, and the same program can be used to decrypt and mount them as new volumes. One of the ways I use VeraCrypt is to store sensitive information, for example my secret GnuPG keys, in an encrypted folder and upload it to cloud storage. This way I don't have to worry about the security of my data stored in the cloud.
  5. MEGA: A couple of weeks ago I bumped into MEGA, a cloud storage service similar to Dropbox, Google Drive, One Drive etc., but with a whopping 50 GB of free storage and, most importantly, data stored in an encrypted space. It can be used via a web browser or through a sync client installed on your local machine. It is cross-platform, with sync clients available for most of the popular computer and mobile operating systems.
  6. Fruux: If you have ever thought of keeping your calendar, contacts and tasks synced over multiple devices via a single service provider, while at the same time encrypting all your data for cloud storage, then Fruux.com is what you are searching for. Fruux is available, at pricing levels from free to professional, for most of the popular computer and mobile operating systems. The free version of Fruux allows you to sync your data across up to 2 devices, along with accessing all your data from its website.
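
An added example, not part of the original post, that turns the password criteria from item 3 into code: a generator drawing from a cryptographically secure random source, and a checker for the weaknesses the post lists. The function names, the 12-character minimum and the small word list are assumptions made for illustration.

```python
import secrets
import string

# Character classes named in the post: lower case, upper case, numbers, special characters.
CLASSES = (string.ascii_lowercase, string.ascii_uppercase, string.digits, string.punctuation)

# Constructed sample word list (assumption); a real check would load a full dictionary file.
SAMPLE_WORDS = {"password", "library", "science", "welcome", "research"}


def generate_password(length=20):
    """Return a random password containing at least one character of each class."""
    if length < len(CLASSES):
        raise ValueError("length too short to include every character class")
    # One guaranteed character per class, the rest drawn from the full alphabet.
    chars = [secrets.choice(c) for c in CLASSES]
    alphabet = "".join(CLASSES)
    chars += [secrets.choice(alphabet) for _ in range(length - len(chars))]
    # Shuffle with the OS random source so the guaranteed characters are not at fixed positions.
    secrets.SystemRandom().shuffle(chars)
    return "".join(chars)


def weaknesses(password, personal_terms=(), min_length=12, words=SAMPLE_WORDS):
    """List the post's criteria that `password` fails (empty list means none found)."""
    problems = []
    if len(password) < min_length:  # min_length=12 is an assumed threshold
        problems.append("too short")
    names = ("lower case", "upper case", "number", "special character")
    for name, cls in zip(names, CLASSES):
        if not any(ch in cls for ch in password):
            problems.append("no " + name)
    # Strip digits and symbols so 'Password1!' is still recognised as a plain word.
    letters = "".join(ch for ch in password.lower() if ch.isalpha())
    if letters in words:
        problems.append("dictionary word")
    # Reject anything containing a term tied to the user (name, birthday, pet).
    if any(t.lower() in password.lower() for t in personal_terms if t):
        problems.append("associated with the user")
    return problems
```

A password manager does the generation step for you; the checker is useful mainly for auditing passwords chosen by hand, such as the master password itself.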

Most of the above-mentioned tools depend on encryption based on a secret key that only the user holds, or at least on one password that cannot be recovered by the company. Therefore, although these are mighty tools for almost anybody, keeping the secret key secret or remembering the master password is the user's responsibility. Losing the key or master password may either lock you out of your data forever or, worse, result in getting hacked by the finder and suffering cumulative damage.
