Encryption Key Lifecycle
Source: Townsend Security

Australian Attorney-General George Brandis seeks to put encryption keys of the popular messaging apps like Telegram, WhatsApp, and Facebook Messenger at the disposal of the authorities. Sounds scary. Not much.

“My concern is the existing laws … don’t go far enough in imposing obligations of cooperation upon the corporates,” Senator Brandis told while talking to Sky News.

Brandis further seeks “cooperation from device makers and social media companies like Apple, Facebook, and Google“, reported Sky News Australia, an Australian 24-hour cable, and satellite news channel. A good thing is that Brandis says the Australian government will not pursue the controversial “backdoor” access option. A back door is a means of access to a computer program that bypasses security mechanisms. Companies sometimes install a back door so that the program can be accessed for troubleshooting or other purposes. However, the same backdoor can be used by attackers to install themselves, as part of an exploit.

For now, the Australian government is looking for a ‘front door‘ warrant-based approach to get access to the encrypted messages.

What’s Next On The Agenda?

The Australian senator expressed these views this past Sunday while talking to The Sky News

The Australian senator expressed these views this past Sunday while talking to The Sky News Australia. Brandis plans to raise the issue of better access to encrypted messages in ‘The Five Eyes’, often abbreviated as FVEY, an intelligence alliance comprising Australia, Canada, New Zealand, the United Kingdom and the United States. The last meeting of the ‘Five Eyes’ intelligence group took place in New Zealand in April 2017.

Prime Minister Malcolm Turnbull is expected to make a statement about tackling terrorism to the House of Representatives at midday on June 13th, 2017.

Another key issue the Turnbull government wants to tackle is the warrant exchange program between Australian agencies and counterparts in the US and other partner countries.

The senator’s views and the Turnbull government’s eagerness to tackle the issue of spy access to terrorist messages is understandable. Encrypted messaging on the smartphone is one of the thorniest problems for the security agencies. Terrorists and hackers are able to ‘go dark’ using the popular messaging apps.

Messaging Encryption
Source: WIRED

A recent 9,000-page data dump of CIA hacking tools shows that the CIA isn’t yet able to decrypt messages on messaging apps like Telegram and WhatsApp. Currently, the only way for the spy agencies to access the texts, videos, the camera, or the microphone is by taking over the end-point-the device or the smartphone of the user.

“If WhatsApp is asked by a government agency to disclose its messaging records, it can effectively grant access due to the change in keys.”

However, Tobias Boelter, a cryptography and security researcher at the University of California, Berkeley told the British newspaper The Guardian that “If WhatsApp is asked by a government agency to disclose its messaging records, it can effectively grant access due to the change in keys.

What Are The Implications?

If ‘The Five Eyes’ alliance is able to come up with a cohesive plan regarding warrant exchange and ideas on getting access to a front-door into the popular messaging apps, there will still be a lot of legal hurdles to pass before the agencies can gain access to the messaging app communication of the suspected users.

However, governments across the Western countries will make new laws to gain access to encrypted online communications.

Until then, privacy-minded users can use the VPN networks to secure their digital privacy. Once the agencies get access to the popular messaging app communications, we’ll see a new breed of encryption software by the black-hat hackers and terrorist groups to encrypt their communication.

Shargeel is an internet privacy expert and information technology enthusiast.

Leave a Reply