Could UK be on the verge of breaking end-to-end encryption?

Of late so many popular messaging systems created the phenomenon of end-to-end encryption for users in which the message sent by the user reaches to the intended users with complete encryption and in between there is no way any third person or system able to see the contents of the message. If that so it is one of the better ways to keep correspondence intimate and only received by the person for who it is intended to reach.

It is done to stop a third party or trespassers to reach to or intercept the message and thus entire conversion between the sender and the receiver stays private and confidential. Virtually, this method stops entirely hackers, interceptors and others from accessing and reading these messages. That is why these forms of extremely secure correspondence such as end-to-end encryption are being typically employed by big business houses, corporate, banks in their messaging services in order to keep entire communication data secret and private.

Most popular messaging services such as Whats-App, Telegrams are employing highly secure end-end encryption messaging system yet this wonderful messaging system is getting into high degree of controversy. Especially in the United Kingdom, there has been a huge degree of discussions on the efficacies of this technology in relation to security of the establishment and public at large.

In the 22nd March attack on London, it was established that the terrorist had used whats-app to contact his handler minutes before the attack took place. Due to presence of end-to-end encryption there is no way security establishments could catch the culprit and that becomes the major bone of contention or issues for security establishments.

There should be no place for terrorists to hide and there is the call to Whats-app developers to establish certain improvements in their technology so that in the future security establishments should have easier access to these messages so that they can take action and stop these attacks before these actually realized.

It sounds a reasonable solution so what should have been the problem with it. Due to these mechanisms the complete prevention of cyber criminals, attackers, trespassers could not intercept messages and correspondences. The end-to-end encryption, also not let whats-app to see your messages and it provides some sigh of relief to individual law-abiding citizens. In reality even Whats-app cannot see these messages so in which way it could share such messages to law-enforcing agencies.

On the other hand, Whats-app is popular world-wide because of its presence in a high degree of security mechanisms which support and prevent secret of individuals through end-to-end encryption and other security mechanisms. If Whats-app going to remove this, then this should be the selling point of it and there is fear of losing far too many users all over around the world.

The government is also responsible for security of citizens and in these crucial juncture what should have been the aim and the way to go forward for the government at large. It creates one suggestion to create a backdoor mechanism for end-to-end encryption system so that ultimately the security and law-enforcing agencies should have prior information management so that they could catch the terrorists through reading out their correspondences.

When there is a need to create such mechanisms it is important to understand the process with which these mechanisms work. When you open a whats-app account a public key, is created and then when other recipients intended to receive a message, the text first sends is the public key and then the public key of another intended recipient also sends the same to you.

Yours public key has to be validated with the private key of respondents and then when the respondents accept and in reverse the private key of the sender accepts the public key of respondents the entire message to and fro from each other becomes completely encrypted.

After confirming each other, the next step is to send the message. When a message goes from sender it becomes the number of digits on the server and becomes unreadable and then it reaches to respondents app and from them after verifying public key the entire message decryption into message only on the receiver’s device.

In between even hacker sees the message not able to read it except the string of digits and nothing else. Even servers of Whats-app not able to read these messages only the app of other users say the receiver able to receive the message and decode it completely.

Then after decoding of message entire message is unlocked with the private key of respondents and then the receiver able to read and view the message. What is this means that even if a backdoor entry is created any further attempt to catch hold of entries could not be possible without acquiring private key and presence of private key is only possible, when, the apps installed on the mobile number authenticated could be found. This seems not a possible idea.

In term and privacy policy of Whats-app it is exclusively written that they do not store information on their server and when user activates end-to-end encryption it automatically, all the information send and receive from sender to receiver and encrypted and there is no way without the presence of the apps of sender the messages could be retrieved at any point of time.

This means that even there is permission to security agencies to watch and find out a back door entry so that they could receive, detect suspicious entries could not be possible. Due to presence of hardware authentication system of identifying the public key from the private key from Whats-app of other users. There are political opponents who also saying that this move could also fringe right to privacy of citizens and civil liberties.

If that so does this means the terrorists should have a free run to communicate and then implement their evil ideas? No, even in this situational conversational system where end-to-end encryption is forced upon Whats-app still retains the internet Protocol address and metadata of users, and this information can be handled out to authorities without infringing upon security and privacy of other law-abiding citizens. In this approach, authorities can use such channels as if using as the similar send or receive persons.

This method is completely reverse to end-to-end encryption but still it has to be made considering the geopolitical situation and in which the entire world is fighting with the menace of terrorisms and in these circumstances the presence of such safeguard is the need of the hour. Some advocate completely banning of such end-to-end mechanisms so that authorities should have prying eyes on each of suspicious messages.

On the other hand if such encryption messages are not available such move could provide some infallible consequences for financial transactions and this should not be good either as it can provide a free hand to snoopers and hackers. This debate continues still another superlative mechanisms for encryption come out to satisfy law-abiding citizens and law-enforcing authorities.

Related Post

This entry was posted in Cyber Security, Ethical Hacking on by .

About Mohan Manohar Mekap

Mohan Manohar is a blogger from India who founded Ittech back in 2007. He is passionate about all things tech and knows the Internet and computers like the back of his hand.