EU mandated messaging platform love-in is easier said than done: Cambridge boffins

2023-03-29 14:28

In a preprint paper, "One Protocol to Rule Them All? On Securing Interoperable Messaging," University of Cambridge doctoral candidate Jenny Blessing and security engineering professor Ross Anderson observe that the DMA is now law in Europe and messaging gatekeepers will need to comply, though it won't be easy.

"Designing a system capable of securely encrypting and decrypting messages and associated data across different service providers raises many thorny questions and practical implementation compromises," they say in their paper.

According to Blessing and Anderson, making encrypted end-to-end communication services interoperable will require novel protocols and processes, both technical and social, in order to be simultaneously secure and usable.

"Interoperability doesn't just mean co-opting existing cryptographic protocols so that one service provider can pass messages along to another - it encompasses the many supporting features and protocols that make up contemporary E2EE applications," the boffins argue.

Interoperability, the researchers argue, represents a dramatic expansion of the trust surface for messaging users, who now have to consider the practices and policies of gatekeeper partners.

Under this scenario, platforms would maintain their own E2EE protocols and offer a client-side interface for other messaging services to connect over a bridge.

News URL

https://go.theregister.com/feed/www.theregister.com/2023/03/29/eu_mandated_messaging_interop_paper/

#boffins #cambridge #EU