ENISA: Encryption Back-Doors ‘Not A Solution’

Encryption back-doors would not improve law enforcement’s ability to gain access to criminals’ communications, and might well have exactly the opposite effect, according to
ENISA, the EU’s IT security advisory agency.

A number of governments, including those in the UK and the US, have suggested forcing communications companies to provide access to encrypted transmissions on demand, but such a system would be likely to encourage criminals to move to other services or develop their own technologies, ENISA said in a new study.

‘Punishes the wrong people’

Meanwhile, such technologies would “punish” the wrong people by making the services used for legitimate communications less secure, according to ENISA.

Any back-door system put into place would be likely to be targeted by criminals and nation-states looking to spy on users’ messages.

The resulting mistrust by the public could threaten the advancement of the EU’s plans for a digital single market.

“An analysis should be carried out to analyse the benefit to law enforcement of the introduction of backdoor weakened encryption technology as against the potential damage to the take up and operation of the Digital Single Market before any legislation is introduced,” ENISA said in the study, titled Strong Encryption Safeguards Our Digital Identity.

The opinion paper made particular mention of services such as WhatsApp, which uses an end-to-end encryption technique originally developed by Open Whisper Systems for the Signal mobile messaging application.

End-to-end encryption

Such techniques, which share encryption keys between users without storing them, make tapping calls “very difficult”, ENISA said.

“There is every reason to believe that more technology advances will emerge that will continue to erode the possibility of identifying or decrypting electronic communications,” the agency wrote.

Other problems with introducing back-doors include the overhead cost for provisioning such a system and the possible weakening of other technologies, such as digital signatures, that rely on encryption.

“History has shown that technology beats legislation and criminals are best placed to capitalise on this opportunity,” the paper concluded.

The current British government recently passed controversial legislation nickamed the “Snooper’s Charter” intended to legitimise broader surveillance practices, including obliging Internet services providers to store users’ communications records and make them available to government agencies.

How much do you know about privacy? Try our quiz!

Matthew Broersma

Matt Broersma is a long standing tech freelance, who has worked for Ziff-Davis, ZDnet and other leading publications

Recent Posts

Microsoft To Acquire Activision Blizzard For $68.7 Billion

Huge tech acquisition, as software giant seeks major expansion of its gaming credentials with purchase…

8 hours ago

Amazon Sued For Worker Death In Deadly Tornado Strike

Parents sue Amazon for wrongful death, after son was among six workers killed when Amazon…

10 hours ago

Twitter Expands Misleading Tweet Feature

Twitter has expanded its test feature to other countries that allows users to flag or…

11 hours ago

US Airline Bosses Warn Of ‘Catastrophic’ Aviation Crisis Due To 5G

US aviation 5G scare-mongering continues, as CEOs of ten US airlines warn of 'havoc' caused…

12 hours ago

Government Backs Ad Campaign Against End-To-End Encryption

Public funds to used for government-backed advertising campaign against end-to-end encryption, but security experts argue…

14 hours ago

Amazon Last Minute Extension For Visa Card Payments

UK Amazon users can continue using their Visa cards for online shopping for now, after…

16 hours ago