Google chairman says 'unbreakable' encryption will become a reality

Google chairman Eric Schmidt say he believes that unbreakable encryption will become a reality in "our lifetime".

Speaking alongside former US Secretary of State Condaleeza Rice at a recent Stanford University cyber security forum, he argued that technology – rather than legislation – will win out as users increasingly look for ways to protect their online activities.

"Everything is going to have to be encrypted all the way,” said Schmidt.

End-to-end encryption has been available for many years in the shape of PGP for email, OTR for instant messaging and the likes of Tresorit for cloud-storage, but does not always guarantee complete security, with numerous exploitable backdoors.

Google currently provides a Chrome extension (called ‘End-to-End') that uses the open-source OpenPGP, which Yahoo is also looking to implement from next year.

The webmail providers have teamed up to allow Yahoo Mail users to send and receive encrypted messages from Yahoo and Gmail users, and to create a PGP encryption tool that will encrypt data contained in messages, but not the sender/receiver's email addresses or the subject line.

Despite these efforts, however, Americal Civil Liberties Union privacy researcher Christopher Soghoian criticised Google for not applying the same privacy zeal to the Android operating system.

“Now that Eric Schmidt loves crypto, perhaps he should talk to the Android team, which still doesn't use encryption crypto by default,” he said on Twitter.

George Anderson, director at security firm Webroot, told SCMagazineUK.com that encryption alone "cannot guarantee complete security" and that any code is only likely to remain unbreakable in the short term. 

“There is a lot of work to be done before the industry is able to create an ‘unbreakable' code. While it's true encryption will raise the barrier to immediate access to sensitive data by the man in the street, it will not stop state actors or equally well resourced cyber-criminals. Organisations that need absolute security for compliance or sensitive data reasons must take a layered approach, using encryption to help put them on a more equal playing field with hackers,” said Anderson.

Rowland Johnson, CEO at security consultancy Nettitude, agreed.

“If encryption technology continues to evolve at this pace then Eric Schmidt's prediction of end-to-end encryption within our lifetime may come true, but it's a bold statement to say it'll be unbreakable. If there's one thing we've all learnt from recent hacks and cyber-attacks it's that the ‘bad guys' are usually one step ahead of security vendors and their customers, and are successfully breaking into networks that were deemed secure.”

Schmidt's conversation with Rice formed part of Stanford's inaugural week-long cyber security boot camp for ‘key congressional staffers who deal with cyber security issues'.