Messaging interoperability encryption challenges are being discussed by security experts, following the European Union’s decision to make cross-platform messaging capabilities a legal requirement.
There was much debate on whether or not to include messaging interoperability in the Digital Markets Act (DMA), and the challenges of maintaining end-to-end encryption was one of the key issues …
Background
We previously summarized the background to this issue:
Messaging interoperability is the idea that instant messaging should be like email. We can each use our preferred service and app, while still being able to communicate with each other.
So I might use Telegram, and you might receive it in WhatsApp. Your mom may send you a Facebook Message, and you might receive it in iMessage. Like email, we would send the message to the person, not the service […]
The EU has long been working on a huge piece of antitrust legislation known as the Digital Markets Act (DMA). The key aims of the planned law are to ensure that tech startups are able to enter the market without their growth being inhibited by the dominant players, and that consumers are able to benefit from the fruits of that competition – the best services at the lowest prices.
There has been much internal debate about the appropriate scope of the legislation, and, in particular, whether messaging interoperability requirements should be included. Some argued against it on the grounds that it would be a nightmare to implement.
I argued that while messaging interoperability would indeed be a nightmare for tech giants to implement, it would be a dream for consumers. Most of the discussion, however, has focused on the nightmare part.
Messaging interoperability encryption challenges
There are many different ways to implement end-to-end encryption, and different messaging platforms have opted for different privacy solutions. But even where two services have opted to use the exact same encryption technique, they’ll still end up with different keys for communication between the same individuals, meaning you can’t just forward an E2E encrypted message from one to the other: much more work is required.
The Verge reports on the various concerns being expressed by security experts. One is the need for messaging services to make major changes to their respective approaches.
Steven Bellovin, an acclaimed internet security researcher and professor of computer science at Columbia University, said: “Trying to reconcile two different cryptographic architectures simply can’t be done; one side or the other will have to make major changes. A design that works only when both parties are online will look very different than one that works with stored messages …. How do you make those two systems interoperate?”
He argues that this could mean stripping out features to reach a lowest common denominator between services.
A second issue is that a security vulnerability in one messaging platform could effectively expose them all to the same exploits. Related to this, each service would have to trust every other service’s method of verifying user identities.
“How do you tell your phone who you want to talk to, and how does the phone find that person?” said Alex Stamos, director of the Stanford Internet Observatory and former chief security officer at Facebook. “There is no way to allow for end-to-end encryption without trusting every provider to handle the identity management… If the goal is for all of the messaging systems to treat each other’s users exactly the same, then this is a privacy and security nightmare.”
Potential solutions
However, open-source E2E nonprofit Matrix says that there are ways to solve these problems.
Unsurprisingly, each platform adopting Matrix’s own open-source solution is one of these. Using open-source code would have the benefit of any security researcher being able to verify the integrity of the encryption system used. Even WhatsApp chief Will Cathart – who has been very critical of the call for messaging interoperability – acknowledges this possibility.
Another would be to decrypt and re-encrypt en-route – which would normally completely compromise the whole basis of E2E encryption – but to do so on user’s own machines.
Your laptop or phone effectively maintains a connection over to iMessage or WhatsApp or whatever as if it were logged in… but then relays the messages into Matrix once re-encrypted.
This doesn’t introduce additional risks, since an end user with a compromised machine can already expose messages.
The bottom line
Ultimately, security experts agree on two things:
- Allowing messaging interoperability without compromising E2E encryption is possible
- It is very difficult, and would require a great deal of work
That second point means that it isn’t going to happen any time soon, and the EU is aware of this. It’s expected that the deadline for offering this will be much later than the deadlines for complying with other Digital Markets Act requirements.
Photo: Camilo Jimenez/Unsplash
FTC: We use income earning auto affiliate links. More.
Comments