Minister: investigative services must be able to access encrypted chats – IT Pro

No, I’m explaining that the present definitions of this time period are not the identical as the unique which means of “end-to-end encryption”. Under is one other try to clarify and make clear it.

In its authentic sense, end-to-end encryption implies that the communication can’t be deciphered by third events throughout its transport from the sender to the receiver. It is about defending the content material of the message throughout transmission. That is just like “point-to-point encryption”.

Nevertheless, with the implementation of end-to-end encryption by e.g. WhatsApp, the which means has modified. Not just for the consumer himself, but in addition for the builders. It no longer solely implies that the communication stays encrypted throughout transport, but in addition that the supplier of the communication service, comparable to WhatsApp itself, has no entry to the content material of the messages. Because of this even when the messages are saved, they nonetheless stay encrypted and can’t be decrypted by the supplier.

So the distinction is that the unique definition of end-to-end encryption solely covers the transmission of the message, whereas the brand new which means additionally contains storage and entry to the messages themselves. One subsequently has way more implications than the opposite by way of privateness and safety, because the content material of the messages stays inaccessible to the service supplier with the present definition of this idea. Finish-to-end encryption has subsequently grow to be more and more vital to make sure the confidentiality and integrity of communications and storage.

An instance:

In its authentic sense, end-to-end encryption would imply {that a} letter despatched from one individual to a different is securely encrypted in transit. However the recipient can nonetheless open the letter and skim the contents with out restrictions.

Nevertheless, with the brand new which means of end-to-end encryption, the letter would stay encrypted even after it reaches the recipient. Solely the recipient can decrypt the letter and skim its contents. The postal service or different intermediaries don’t have any approach of bypassing the encryption and accessing the contents of the letter.

*Leaving apart the secrecy of correspondence (Article 13 – Dutch Structure) for the sake of comfort (edit: truly dare not say whether or not e-mail additionally suits inside these frameworks, so this observe could also be superfluous).

The latter is subsequently towards the sore leg of the minister, since he would love (solely) the police and (or) (all) different competent authorities to have the ability to entry it. The drawback with one thing like this, if one individual may entry it by way of, for instance, a backdoor or ‘skeleton key’ from the (chat) supplier. Along with your individual personal key, there’s subsequently a common key that may be cracked or misused or, within the worst case, no key in any respect.

How was the extent there earlier than?
A widely known instance of a communications service that didn’t present end-to-end encryption for messages despatched over the platform was MSN Stay Messenger. This meant that the content material of the messages in transit was probably susceptible to interception and studying by third events, comparable to hackers. web service suppliers or curious mother and father (who knew a factor or two about tech). Additionally, the chats weren’t saved encrypted however plain textual content dumped in .txt information.

Resume:

Starting of the Web to No encryption transport and no encryption storage/use.
Interval earlier than: Encryption in transport however no encryption in storage/use or vice versa.
Now: Each encryption transport and encryption storage/use.
Future* (how the minister appears to need this): Each encryption transport (with entry for authorities) and encryption storage/use (with entry for authorities).

How they need to implement this safely continues to be a thriller to me. As well as, what does this additional freedom add to the authorities (bearing in mind all of the disadvantages) in the event that they not often use the present assets now, if I learn the final paragraph?

[Reactie gewijzigd door jdh009 op 9 juli 2023 16:36]

Cookie	Duration	Description
cookielawinfo-checkbox-analytics	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checkbox-functional	11 months	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checkbox-necessary	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-others	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-performance	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy	11 months	The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.