Press Release 081/2023

Misuse-resistant Digital Surveillance

Security Protocols Will Make Legally Required Surveillance of Digital Communication More Resistant to Misuse and Mass Surveillance
2023_081_Missbrauchsresistente digitale Ueberwachung_72dpi
With the new security protocols, encrypted communication can be monitored and illegal surveillance can be prevented. (Photo: Bildagentur PantherMedia/Jirsak)

Digital surveillance of suspects must be noiseless in order not to alarm them. Presently used systems, however, lack stringent technical mechanisms to ensure the lawfulness of these measures. Researchers of Karlsruhe Institute of Technology (KIT) and the University of Luxembourg have now designed a security protocol that enables judicially ordered surveillance of end-to-end encrypted or anonymous communication, but prevents or uncovers illegal or mass surveillance. First results are reported in a publication for the Asiacrypt 2023 Conference.  (https://eprint.iacr.org/2023/1343).

Privacy is gaining importance in our digital society. There is a strong demand for anonymity and confidentiality of data according to the European General Data Protection Regulation. On the other hand, laws and directives, such as the Resolution of the European Council on the Lawful Interception of Telecommunications or the EU Directive on the Fight against Money Laundering and Terrorist Financing, require the revocation of anonymity or uncovering the users’ encrypted communication under certain, precisely defined circumstances, e.g. when surveillance of suspects is ordered by a judge. Consequently, many applications are subject to requirements or regulations restricting unconditional anonymity.

Illegal Mass Surveillance via the Backdoor

The problem of such “digital backdoors”, however, is that they allow for unnoticed mass surveillance. Hence, independent, trustworthy offices are required for the surveillance of surveillants. Moreover, a system is needed to force a court order that cannot be changed later on when the backdoor is to be used in order to ensure the lawfulness of this measure. Existing systems are lacking strict technical mechanisms. “We have developed security protocols that can do both: They enable surveillance of encrypted or anonymous communication and, at the same time, prevent or at least uncover illegal surveillance,” says Dr. Andy Rupp, Head of the Cryptographic Protocols Group of the KASTEL Security Research Labs of KIT. “We want to significantly increase the trust of the public in the honesty of operators and prosecution authorities.”

Controlled Use of Digital Backdoors

The research team developed a module for auditable surveillance. This security protocol protects users in several ways: Digital backdoors open for a short time and for specific users only. They are shared by trustworthy parties, and access to them is provided under certain conditions only. Moreover, users are technically forced to leave unchangeable documents when opening the backdoors. This allows for a later check of the lawfulness of surveillance by an independent auditor and for publicly verifiable statistics on the use of backdoors. 

Potential applications of these auditable surveillance systems range from mobile communication systems, such as 5G and instant messaging services, to electronic payments to legal video surveillance. “We have developed a first auditable surveillance concept. Several technical and legal challenges remain to be studied before it will be used in practice. This will be the subject of our future interdisciplinary research,” Rupp says. 

Original Publication

V. Fetzer, M. Klooß, J. Müller-Quade, M. Raiber, and A. Rupp. Universally Composable Auditable Surveillance. Accepted for the 30th International Conference on the Theory and Application of Cryptology and Information Security — ASIACRYPT, 2023 https://eprint.iacr.org/2023/1343

Further Information

More about the KIT Center Information Systems Technologies (KCIST) 

Being “The Research University in the Helmholtz Association”, KIT creates and imparts knowledge for the society and the environment. It is the objective to make significant contributions to the global challenges in the fields of energy, mobility, and information. For this, about 10,000 employees cooperate in a broad range of disciplines in natural sciences, engineering sciences, economics, and the humanities and social sciences. KIT prepares its 22,800 students for responsible tasks in society, industry, and science by offering research-based study programs. Innovation efforts at KIT build a bridge between important scientific findings and their application for the benefit of society, economic prosperity, and the preservation of our natural basis of life. KIT is one of the German universities of excellence.

rl, 12.10.2023
Contact:


Christian Könemann
Chief Press Officer
Phone: +49 721 608-41105
Fax: +49 721 608-43658
christian koenemann does-not-exist.kit edu

Contact for this press release:

Aileen Seebauer
Press Officer
Phone: +49 721 608-41163
aileen seebauer does-not-exist.kit edu