Encryption has created an impassable puzzle for the real world



[ad_1]

Quantum computers will break encryption
ZDNet's Tonya Hall asks Jason Hart, data protection technology manager at Gemalto, to break encryption with quantum computing.

With some inevitability, governments on both sides of the Atlantic are taking a new approach to one of the technologies they love to hate – encryption.

Late last month, US Attorney General William Barr warned that the use of end-to-end encryption – which he described as an encryption "without warrants" "-" allows criminals to carry on their activities with impunity, hiding their activities under an impenetrable mantle of secrecy. "

Similarly, the new British Secretary of State, Priti Patel, recently criticized the use of end-to-end encryption by email services such as Facebook's WhatsApp.

"When systems are deliberately designed using end-to-end encryption that prevents any form of access to content, regardless of the crimes that can allow it, we must act," she said.

"This is not an abstract debate: the plan recently announced by Facebook to apply end-to-end encryption on its messaging platforms presents significant challenges that we must work collaboratively to address." added Patel.

Patel did not say how the government would act, aside from asking Facebook and other tech companies "to work with us urgently on detailed discussions."

Governments have consistently called on technology companies to give up encryption in recent years, with little effect.

Diane Abbott, shadow secretary of Labor, told ZDNet: "The new Secretary of the Interior is repeating the mistakes of some of her predecessors, she does not seem to understand that widespread access to Encrypted communications from the police and security services would effectively end these communications – they could be trusted. "

SEE: A winning strategy for cybersecurity (ZDNet Special Report) | Download the report in PDF format (TechRepublic)

"We know that the government does not like the evidence, but it really needs to understand that only targeted access, approved by the courts, by the forces of order and other agencies, If the House Secretary's line is continued, criminals and terrorists could simply be driven underground and we will all lose the right to privacy. "

Indeed, the UK government theoretically already has the necessary powers to require technology companies to remove encryption from their courier services.

Under the controversial law on investigative powers adopted in 2016, the government may require technology companies that they remove the "electronic protection" – encryption – messages in severe cases.

But in reality, this legal power is considerably limited, which is why the government has not used it. First, many of the largest courier companies are based in the United States, which means that they are not particularly concerned about what policymakers from a medium-sized foreign market think.

Second, these companies are increasingly integrating security, usually backed by a commitment to end-to-end encryption, in their marketing.

Indeed, consumers are increasingly aware of the benefits of security. For technology companies, offering their customers end-to-end encryption privacy is now a competitive advantage.

Indeed, it should be remembered that the recent vogue in encryption arose only from the excessive scope of the US government and espionage in the first place.

These trends make the compromise on encryption for technology companies much more difficult: no company wants to offer a service called "the one the government can spy on easily". On top of that, if you do not trust a technology company (and many do not), knowing that it can not read your messages, you'll feel a little more comfortable with this service.

Beyond that, there is a technical problem that these messaging companies have now designed their systems around end-to-end encryption. Breaking this model at the request of one or two countries would be very expensive and would weaken the security of all users around the world.

SEE: Can we stop Russian hackers? Here's why it could take 20 years (TechRepublic cover story) | download the PDF version

Another solution is to provide a separate and less secure service to some countries, which would probably be avoided.

Companies in the technology sector are forced by all kinds of plans to reverse communication with their customers. Some do it, others do not – but if liberal democracies insist on getting this data, it is very difficult for a technology company to also refuse the request from repressive states.

Legislation and application

Stopping the use of end-to-end encrypted messaging would require strict legislation, not only in the United Kingdom, but also at least in the United States (which has limited enthusiasm for such an approach) and in Europe (which has very little tendency to do so). And just about every other government in the world.

Such a concerted effort is highly unlikely – and, even then, you would only prevent the majority of law-abiding citizens from using encrypted services. But who would apply it and at what price?

For those who do not wish to be monitored, whatever the reason, the services will always be available – whether local or international. There are some slightly more elegant solutions to the problem, but their scope is limited.

So why do politicians continue to talk about it? The low blow is to say that they do it for easy titles. But the truth is that the costs of encryption are real – the police can not spot the criminals or the terrorists who plot – and must be recognized. No response to the encryption debate is without inconvenience, and we must remember and admit it.

We live in an era of unprecedented erosion of privacy. Part of what we do ourselves: we carry smartphones that can tell us where we are and what they are doing at various companies in real time, and we fill our homes with cameras and microphones that surpass the viewers' screens Orwell.

Part of the erosion of privacy is inflicted on us – the introduction of facial recognition systems in cities is the last means used by technology to destroy our privacy (and has just arrived : a facial recognition that can detect fear). Encryption is perhaps one of the few forms of protection left to us.

As a privacy advocate once told me, we are living a golden era of surveillance and the state has the essential image of our lives – the Battle now consists of protecting the last missing pixels in the image.

It is difficult to see in the coming decades anything other than the continuing erosion of privacy by the technology that surrounds us. Whenever we give up another fragment of privacy, we should not expect that it will be returned to us. Do not give up these last precious pixels without thinking long and hard.

THE OPENING OF MONDAY MORNING OF ZDNET

Monday morning opening is our opening salvo for the week in technology. Since we manage a global site, this editorial is published Monday at 8 am in Sydney, Australia, at 6 pm Eastern Time, Sunday in the United States. It is written by a member of ZDNet's global editorial board, composed of our leading publishers in Asia, Australia, Europe, and North America.

BEFORE MONDAY MORNING OPEN:

[ad_2]

Source link