Virtual key may let police spy on web messages
ENCRYPTED social media messages could be accessed by police or families of deceased relatives if unlocked by five trusted authorities using a “virtual key”.
The key technology offers a potential solution to the stand-off between governments and tech giants such as Facebook over how law enforcement agencies can monitor messages sent via end-to-end encryption.
The UK and US governments have accused Facebook of putting lives at risk by extending encryption to all its messaging platforms, potentially preventing police and security agencies tracking terrorists, child abusers and other criminals.
Last week, Sir Andrew Parker, the outgoing head of MI5, appealed to the tech giants’ “brilliant technologists” to come up with a form of encryption that would allow law enforcement agencies to protect people from online harms.
He wants a technological equivalent to a physical wiretap, by which the spy agencies could get judicially authorised access to messages between suspected terrorists or criminals. Under Facebook’s proposals, even the company will not have access to the encrypted communications.
Andersen Cheng, the chief executive of Post-Quantum, a specialist encryption firm working with Nato and government agencies, said a “virtual” key split into five parts or more could unlock messages when all five parties agreed and the key fragments were joined together.
Those five parties could include the tech firm, police, the security service or GCHQ, an independent privacy advocate and a judge.
Mr Cheng’s first company, TRL, helped set up the secure communications system used by No10 to talk to GCHQ and world leaders.
“The tech firms have pushed back because they do not want the security agencies to have access to the data and risk them monitoring it all of the time. But at the same time under this model the tech firms would
‘Tech firms do not want the security agencies to have access to the data’
also not have
Mr Cheng.
“No one can open it up except through a court procedure that is highly defined.”
He said any solution might require legislation because of the tech companies’ resistance to interventions.
A bigger threat, however, may be the emergence of quantum computers so powerful that they could crack the two encryption systems used to protect communications on the internet and access billions of messages and communications every day.
The US-based National Institute of Science and Technology is holding a contest to find the algorithmic code on which to base a new encryption system to safeguard privacy. Post-Quantum is the last UK competitor. access,” said