M. Azraoui, M. Önen, R. Molva, “Framework for Searchable Encryption with SQL Databases”, Conference CLOSER 2018, 19-21 March 2018, Medeira, Portugal. [Conference website http://closer.scitevents.org/]
ENISA has released an opinion paper on the importance of the Cryptography and its role in today's digital society.
The paper gives an overview of the history of cryptography and the different types of services and how internet services are now becoming reliant on strong encryption to protect communications from criminals and fraud.
Many jurisdictions have taken slightly different approaches to regulating the use of Cryptography. Some jurisdictions have attempted to limit the effectiveness of encryption by the use of back doors, import export legislation and the requirement to provide clear text following judicial approval.
Though ENISA doesn't think this approach should be followed, as it provides the opportunity to cyber criminals to undermine the privacy and security of communications and to lower trust in digital services. Here's a summary of the key points highlighted in ENISA's opinion paper:
- The use of backdoors in cryptography is not a solution. Existing legitimate users are put at risk by the very existence of backdoors. The wrong people are punished.
- Backdoors do not address the challenge of accessing of decrypting material because criminals can already develop and use their own cryptographic tools.
- Judicial oversight may not be a perfect solution as different interpretations of the legislation may occur.
- Law Enforcement solutions need to be identified without the use of backdoors and key escrow. It is very difficult to restrict technical innovation using legislation.
- History has shown that technology beats legislation and criminals are best placed to capitalise on this opportunity.
- The perception that backdoors and key escrow exist can potentially affect and undermine the aspirations for a full embraced Digital Society in Europe.
- History has shown that Legal Controls are not always successful and may harm and inhibit innovation.
- The experience in the US that limiting the strength of encryption tools inhibited innovation and left the competitive advantage in this area with other jurisdictions.