Encryption – Matthias Monroy

Right-wing attacks: German Police and Europol cannot decrypt suspects‘ devices

The Berlin police fail to crack the mobile phone and laptop of a neo-Nazi. This is stated in the final report of the investigation team on arson and spraying in the Neukölln district. Federal authorities and companies have also chipped their teeth at the devices.

The investigation of a right-wing series of attacks in Berlin is made considerably more difficult by the encryption of devices that the police confiscated from suspects. This is stated in the final report of the „Fokus“ investigation team. Accordingly, the police have asked several official and private agencies for help with decryption, each time unsuccessfully. The classified report has 72 pages, in a much shorter open version the explanations on digital forensics are missing. There is only a footnote stating that „work continues on the decryption of two encrypted devices of a suspect“.

For several years left-wing activists and projects in the Berlin district of Neukölln have been plagued by arson and spraying, while three members of the right-wing scene known to the police are suspected. Because the police were slow in investigating, Senator of the Interior Andreas Geisel (SPD) set up the „Fokus“ investigation team over a year ago. „Independent“ police officers were supposed to check the work of their colleagues. However, there is still no new evidence against the three main suspects Sebastian T., Tilo P. and Julian B. after the end of the new investigation. „Right-wing attacks: German Police and Europol cannot decrypt suspects‘ devices“ weiterlesen

German Ministry of the Interior plans EU declaration against encryption

Since 2016, the Council and Commission of the European Union have been working on ways to decrypt digital content. After setting up a department at Europol, the Internet companies are now being urged to cooperate more. They are to provide police and secret services with decrypted data on request.

Within the framework of its EU Council Presidency, the German government wants to achieve a declaration on encrypted communication on the Internet. This common line taken by all member states should put pressure on service providers to introduce appropriate solutions for decrypting. According to a Council document published yesterday by the British Civil Liberties Organization, the individual governments are to send their position to an e-mail address of the German Ministry of the Interior by October 7. After that, the Standing Committee on Operational Cooperation on Internal Security (COSI) will decide on how to proceed. There, the national interior ministries are coordinating among themselves. „German Ministry of the Interior plans EU declaration against encryption“ weiterlesen

European Commission starts new attack on end-to-end encryption

The „decryption platform“ at Europol plans to switch to supercomputers soon. A working group is looking for ways to counter end-to-end encryption. By the end of the year, the Commission plans to present a study on how internet providers can break these secure connections and report criminal content to the relevant authorities.

For years, the European Commission has been calling for law enforcement authorities to have more access to encrypted communications. The Council, in which the Member States are organised, also adopted conclusions to this effect three years ago. In addition, the European Union’s “ Anti-Terrorism Co-ordinator“ Gilles de Kerchove regularly publishes papers calling for the elimination of secure communications. Most recently, Kerchove drew attention to the gaming community and its chats with end-to-end encryption. „European Commission starts new attack on end-to-end encryption“ weiterlesen

Europol steers arms companies for security research

Following the example of the US Department of Defense, Europol should coordinate European security research. In October, the EU interior ministers had decided on an „Innovation Laboratory“ at the Police Agency. Due to potential confusion, the department will now be renamed.

Since 1984, the European Union has organised its civil security research in multi-annual framework programmes, the current programme is called „Horizon 2020“. Arms companies are involved in many of these projects; they are conducting research with institutes and authorities on drone tanks for border control, stopping „non-cooperative vehicles“ with electromagnetic pulses or observing cities and borders by satellite. International agreements enable the involvement of third countries, for example Israel’s largest drone manufacturer has been involved in numerous projects for decades. „Europol steers arms companies for security research“ weiterlesen

Backdoors vs. Trojans: Europol is examining „solutions“ against end-to-end encryption

The German police also uses a „decryption platform“ at Europol. The system belongs to an „innovation laboratory“ and is currently being equipped with new technology. The EU Commission will soon decide whether Europol should also handle the decryption of secure connections.

Since 2014, Europol has been offering Member States support in decrypting data carriers or mobile phones. The unit is based at the „Centre for Combating Cybercrime“ (EC3), which was set up a year earlier at the headquarters of the EU Police Agency in The Hague. What forensic tools Europol uses for this purpose is not answered by the European Commission, which is responsible for the functioning of the EU agencies.

According to Europol’s annual report for 2018, the „decryption platform“ has been requested 32 times since its creation, in 12 cases successfully. Operations are carried out in various fields, including cybercrime, drug trafficking and migrant smuggling. According to the German government, the services are also available to third states. „Backdoors vs. Trojans: Europol is examining „solutions“ against end-to-end encryption“ weiterlesen

„Obstacles to surveillance“: How authorities insecure 5G telephony

In the fifth generation of mobile communications, encrypted and anonymous connections are technically feasible. Police and secret services, however, provide new interception possibilities

Following the auction of frequencies, mobile operators are building the new 5G network. This fifth generation of mobile phones is considered particularly secure because of its concept of „Privacy by Design“. Connections can be encrypted end-to-end, which makes interception much more difficult. The device numbers of the telephones and the unique identification of the SIM cards are also transmitted in encrypted form. Under 5G, the registered mobile phones also recognize suspicious mobile cells. This makes the IMSI catcher currently in use unusable for locating and listening to telephones in the vicinity.

The new possibilities for encryption and anonymisation are causing police forces and secret services headaches. The German Federal Ministry of the Interior complains of „additional technical hurdles in the monitoring of telecommunications and the implementation of technical investigation measures“ and announces „adjustments“ of the telecommunications legislation. „„Obstacles to surveillance“: How authorities insecure 5G telephony“ weiterlesen

Europol to coordinate hacking authorities in Member States

European police should access computers and telephones with Trojan programs. Europol is now building up a „decryption platform“ in The Hague.

The European Union wants to support the Member States in intercepting telecommunications. Investigators should be able to penetrate private computers or mobile phones to install software to read encrypted messages. This was confirmed by the German Federal Ministry of the Interior (MOI) in response to a question by a Left Party Member of Parliament. The focus is on the police agency Europol, which has been commissioned to set up a „decryption platform“. „Europol to coordinate hacking authorities in Member States“ weiterlesen

Five million euros for Europol’s “decryption platform”

The EU is looking to improve its capabilities to circumvent and crack encryptions. Member states are to invest in hardware and software with Europol coordinating these efforts

The police agency Europol is set to receive a further 5 million euros to reinforce its capabilities with regard to decrypting content, as was reported by the European Commission in its Thirteenth progress report towards an effective and genuine Security Union. According to the report, the money will be set aside in the Europol budget for 2018. The Commission had already pledged these funds in its twelfth progress report, but did not disclose the amount until 24 January. Prior to this, the EU home affairs ministers had called for further support at their December meeting. „Five million euros for Europol’s “decryption platform”“ weiterlesen

New EU network of judicial authorities to combat the “challenges stemming from encryption”

The European Union intends to simplify investigative authorities’ access to encrypted content. This emerged from the replies to a questionnaire that was circulated to all Member States by the Slovak Presidency of the EU Council. After a “reflection process”, efforts in this area are, according to the summary of the replies, intended to give rise to a framework for cooperation with Internet providers. It remains unclear whether this will take the form ofa recommendation, regulation or directive.

The replies to the questionnaire are now being examined by the Friends of the Presidency Group on Cyber Issues (FoP Cyber), which also held discussions on “increasing tendencies to exploit encrypted communication in order to hide criminal activities, identities and crime scenes”. Those taking part included the European External Action Service, the European Defence Agency and other EU institutions. FoP Cyber’s recommendations will then be addressed at the meeting of the next Justice and Home Affairs Council in Brussels. „New EU network of judicial authorities to combat the “challenges stemming from encryption”“ weiterlesen

EU puts circumvention of encryption back on the agenda

The European Union is discussing access by law enforcement authorities to encrypted communications in a number of papers, working groups and new cooperation forums. The “crypto debate” begun around a year ago on ways to circumvent encryption or access protected communication has gained new momentum.

Most recently, the Luxembourg Council Presidency sent out a paper setting out the challenges posed by “Internet communication channels and multiple social media” to the Member States. The paper expresses the view that new “encryption based technologies” are increasingly hampering or rendering impossible effective investigations. According to this paper, these technologies are of particular significance not only in the area of “counter-terrorism policies”, but also of “anti-radicalisation measures”. „EU puts circumvention of encryption back on the agenda“ weiterlesen