security

Developing security protocols for misuse-resistant digital surveillance – Tech Xplore


This article has been reviewed according to Science X’s editorial process
and policies.
Editors have highlighted the following attributes while ensuring the content’s credibility:

fact-checked

trusted source

proofread


Credit: Pixabay/CC0 Public Domain

× close


Credit: Pixabay/CC0 Public Domain

Privacy is gaining importance in our digital society. There is a strong demand for anonymity and confidentiality of data according to the European General Data Protection Regulation.

On the other hand, laws and directives, such as the Resolution of the European Council on the Lawful Interception of Telecommunications or the EU Directive on the Fight against Money Laundering and Terrorist Financing, require the revocation of anonymity or uncovering the users’ encrypted communication under certain, precisely defined circumstances, e.g., when surveillance of suspects is ordered by a judge. Consequently, many applications are subject to requirements or regulations restricting unconditional anonymity.

Illegal mass surveillance via the backdoor

The problem of such “digital backdoors,” however, is that they allow for unnoticed mass surveillance. Hence, independent, trustworthy offices are required for the surveillance of surveillants. Moreover, a system is needed to force a that cannot be changed later on when the backdoor is to be used in order to ensure the lawfulness of this measure. Existing systems are lacking strict technical mechanisms.

“We have developed security protocols that can do both: They enable surveillance of encrypted or anonymous communication and, at the same time, prevent or at least uncover illegal surveillance,” says Dr. Andy Rupp, Head of the Cryptographic Protocols Group of the KASTEL Security Research Labs of KIT. “We want to significantly increase the trust of the public in the honesty of operators and prosecution authorities.”

Readers Also Like:  Six steps to improving application security in cloud-native ... - TechNode Global

Controlled use of digital backdoors

The research team developed a module for auditable surveillance. This security protocol protects users in several ways: Digital backdoors open for a short time and for specific users only. They are shared by trustworthy parties, and access to them is provided under certain conditions only.

Moreover, users are technically forced to leave unchangeable documents when opening the backdoors. This allows for a later check of the lawfulness of surveillance by an independent auditor and for publicly verifiable statistics on the use of backdoors.

Potential applications of these auditable surveillance systems range from mobile systems, such as 5G and instant messaging services, to electronic payments to legal video surveillance. “We have developed a first auditable concept. Several technical and remain to be studied before it will be used in practice. This will be the subject of our future interdisciplinary research,” Rupp says.

More information:
Universally Composable Auditable Surveillance. Accepted for the 30th International Conference on the Theory and Application of Cryptology and Information Security—ASIACRYPT, 2023 eprint.iacr.org/2023/1343



READ SOURCE

This website uses cookies. By continuing to use this site, you accept our use of cookies.