European police authorities are invited to submit proposals for the development of an interception platform. Authorities from third countries can also participate in the research project. Several German initiatives, including those of the domestic secret service, served as door openers.
The EU Commission announces new efforts to break end-to-end encrypted communications. This is according to the work programme of the Horizon 2020 research framework programme, which proposes numerous new projects in the area of “Civil Security for Society” for the next two years. According to this, the Commission wants to spend five million euros on a platform for penetrating encrypted telephony.
The focus is on intercepting connections of the fifth mobile phone generation, which makes encrypted and anonymised connections technically possible. The project in the research line “Fighting crime and terrorism” is therefore entitled “Lawful interception using new and emerging technologies (5G & beyond, quantum computing and encryption)”.
Authorities expect enormous amounts of data
The device numbers of the phones and the unique identification of the SIM cards are also transmitted in encrypted form with 5G. The decentralised network architecture makes it difficult to leak intercepted communications at central network nodes. Finally, with the introduction of 5G, authorities expect enormous amounts of data to be sifted through using forensic procedures to process big data.
The new technology therefore poses major challenges for police forces and intelligence services. Together with other international secret services, the German Federal Office for the Protection of the Constitution, but also the EU police agency Europol, have already toned down the technical standards for 5G accordingly. These are set, among others, in the European Telecommunications Standards Institute (ETSI). There, the authorities have ensured that providers must have technical interfaces (“points of intercept”) for penetrating 5G-encrypted connections. This is presumably where the new EU research project comes in.
On the initiative of the German Federal Criminal Police Office (BKA), the EU has set up a working group on the interception of 5G telecommunications by police forces and intelligence services. The originally temporary “5G Expert Group” was made permanent last year and expanded to include encrypted communications. It now operates as the “Permanent Group of Heads of Lawful Interception Units” and meets at Europol. Its new tasks also extend to the “legislative area”. The German Trojan authority ZITiS also participates in discussions on “challenges of encryption” at Europol.
Participation of authorities from third countries
The product or process to be developed for decrypting 5G telephony should achieve “Technology Readiness Level” 5-6, this includes a prototype. In research, this representation of a technology maturity level is common, this ranges on a scale from 1 to 9. The highest level marks a qualified system that has already been tested in use.
Interested authorities can now apply for the project until autumn and make proposals for its design. As usual in EU research projects, the EU Commission’s call for proposals is directed at “at least 3 police authorities from 3 Member States”. However, the participation of authorities from “associated countries” participating in EU research funding is also possible.
Israel was the first non-European country to join this group, which has since grown considerably. Under the terms of the distribution of funds from “Horizon 2020”, the countries must also contribute to the funding pots to a lesser extent.
Quantum computers as a curse
In the call for proposals, the Commission also refers to quantum computers. These are already being used in other EU decryption operations. Within the framework of its “decryption platform”, Europol, for example, uses the computing power of the European Research Centre on Lake Maggiore to crack encrypted storage media in forensic investigations, but so far the procedures have not been very successful.
However, in its work programme, the Commission cites quantum computers not as a blessing for law enforcement agencies, but for the first time as a curse. For these could be used by “criminals” to “develop new ways of encrypting communications for illicit purposes”. These connections could then become “impenetrable” to government interception.
Presumably, the research now written up will also be coordinated with the “Innovation Lab” at Europol. The research department, set up in 2019, deals with 5G, artificial intelligence and quantum computers.
Decryption is political priority for the EU
The research area “Civil Security for Society” is one of five clusters in the “Strategic Plan” for the EU’s Horizon 2020 research framework programme. This is intended to ensure that the funded projects contribute to the EU’s political priorities. With regard to encrypted telecommunications, the Commission warned on 9 December in its Communication on the Security Union that these could be used as a “secure channel” for perpetrators. Together with the member states, therefore, “possible legal, operational and technical solutions for lawful access” are to be found.
A few days later, the Council of Ministers for Home Affairs under the German Presidency published the “Council Resolution on encryption – security through encryption and security despite encryption”. On the same day, the EU interior ministers adopted “Council conclusions on internal security and a European police partnership”, according to which not only “operational solutions anchored in a regulatory framework” are to be developed for decryption.
The research projects announced by the Commission have not yet been officially decided. However, their publication indicates that the document is now an agreed draft within the directorates-general. Programmes of this kind are worked on for years, so drafts leak out often. However, these intermediate steps are not published online on the Commission’s website.