What is going on?
The process of encryption can be considered very much vital in the aspect of security. Australia is struggling with the concept of encryption due to the factor that the criminals are taking advantage of the concept for their purpose. The process as stated being security related which is beneficial on the other hand it can be stated that it could be sometimes play a dominating role for the hackers (Garg et al., 2016).
What are the facts?
The main facts can be related to the concept of encryption. The application, which involve encryption, may be altered in many ways. This make the access for the concerned authority when needed very much easy and hassle free. The key which re generated by an application would be restricted this would help the government to check for all the possibilities when needed. The government of the United States, which imposed this type of regulations for a period in the year 1990,’s (Hoang, 2014). These ones had the computing resources in excess amount for any of the entity concept. In a context it can be stated that it is, no longer the same case with is noted. These rules themselves are causing problem related to the security due to the factor that some of the applications can be tricked to insecure mode of encryption, which is traceable today.
What are the issues?
The main issue, which is faced, is that the Australian government wants to read the encrypted message in one go. It can be stated in this context is that the means of achieving this concept is unclear. The access of the encrypted message can be considered very much vital in the field of investigation as it can be considered as vital information for the purpose of proper investigation. If the message cannot be accessed due to the implementation of the process of encryption, it can be drawback for the investigation team. In order to justify the issue if the Government superimpose the users to use applications for messaging, which involve government access this, could lead to privacy issue (Hoang, Krovetz & Rogaway, 2015). The privacy of the user’s images and the video would not be meet and this could be a problem form the user’s point of view. The users always want privacy aspects in the field of messaging.
Who is affected?
The direct impact of the scenario would be on the investigation part. During a cybercrime investigation, it becomes a very vital aspect to get into the data of the scene (Blömer & Seifert, 2016). If the data is not accessed, it could affect the overall investigation and sometimes it could lead to data loss. The data in any type of crime can be considered important aspect. The criminals in the case take advantage of the technology in order to perform the crime. The criminals usually take the personal information of the user in most of the cases to gain benefit from them. The users are also directly affected in this case. There can also be loss of financial in some of the cases and in such cases; the raw data can play a vital role in the investigation part. The investigation in most of the cases needs to be in a fast pace in order to track the criminal in which the data should be actively available (Sahai & Waters, 2014).
What are the ethical issues and implications?
The main concern for the government for the Australia is that they want the access to the encrypted data. This is mainly for the purpose of the investigation. Relating to any crime, which is, performed over the concept of the internet the data, which is present in the concept of very much important for the purpose of the investigation. In any case, of loss of information it can be drawback on the part of the investigation (Bittau et al., 2016). The implications would be directly on the part of the investigation as well as the users. This is mainly done to keep the cyber criminals always from the scene. The main aim of the concept is to keep the data secured as well as available when required by a Government official any time for the purpose of investigation.
What can be done about it?
The thing, which can be done in this context, is end-to-end encryption process. Encrypted messages scrambles the original content of the message “plain text” into something that looks like a random gibberish, which is termed as “cypher text” (Lu & Tseng, 2017). This cypher text cannot be read as it is in the encrypted format. At the receivers end the cypher text is convert to plain text by means of a key. The key is a string, which is short in the form of a number or a text. The key gives direct access to the text for the purpose of conversion, without the access to the key; it cannot be feasible to get the plain text back (Hoang, Krovetz & Rogaway, 2015).
What options are there?
There can be many options, which provisions the security of the data as well as provisions the Government to get the text in case they need it. One of the options can be end-to-end encryption process where the data is kept secured and on the other hand, by means of key it can be decrypted. This can be stated as a two way process this facilitates the security in the section between the sender and receiver (Gorbunov, Vaikuntanathan & Wee, 2015). The implementation of the process of digital steganography can be another option if the Government wants to access the information (Garg et al., 2016). The process can give the assurance, which is related to the privacy of the data and the images, which is being transferred over the concept of messaging. On the other hand, it can be stated that in this concept anyone can download the original source code and loop into the system. This aspect can be termed as a loophole but in this scenario, there is no technique, which is secured.
Which option is best option and why?
The best option from the options, which are stated above, can be to provide end-to-end encryption to the messages. This would be helpful in achieving both the concept of securing the message as well as providing the framework, which is needed when encryption process has to be decrypted. The implementation has to be secured and involving all the security aspects involved into it. Cyber criminals always look for loop holes in a system which can be hacked and used for their own benefit, it should be taken into account that any process which involve transfer of data should be very much secured.
Bertoni, G., Breveglieri, L., Koren, I., Maistri, P., & Piuri, V. (2016). Error analysis and detection procedures for a hardware implementation of the advanced encryption standard. IEEE transactions on Computers, 52(4), 492-505.
Bittau, A., Boneh, D., Giffin, D., Handley, M., Mazieres, D., & Smith, E. (2016). TCP-ENO: Encryption negotiation option. Internet-Draft draft-ietf-tcpinc-tcpeno-01, IETF Secretariat.
Blömer, J., & Seifert, J. P. (2016). Fault based cryptanalysis of the advanced encryption standard (AES). In Computer Aided Verification (pp. 162-181). Springer Berlin/Heidelberg.
Gaj, K., & Chodowiec, P. (2017). Fast implementation and fair comparison of the final candidates for Advanced Encryption Standard using Field Programmable Gate Arrays. Topics in Cryptology—CT-RSA 2001, 84-99.
Garg, S., Gentry, C., Halevi, S., & Zhandry, M. (2016, January). Functional encryption without obfuscation. In Theory of Cryptography Conference (pp. 480-511). Springer, Berlin, Heidelberg.
Garg, S., Gentry, C., Halevi, S., Raykova, M., Sahai, A., & Waters, B. (2016). Candidate indistinguishability obfuscation and functional encryption for all circuits. SIAM Journal on Computing, 45(3), 882-929.
Gorbunov, S., Vaikuntanathan, V., & Wee, H. (2015). Attribute-based encryption for circuits. Journal of the ACM (JACM), 62(6), 45.
Hoang, T. (2014, February). An efficient FPGA implementation of the Advanced Encryption Standard algorithm. In Computing and Communication Technologies, Research, Innovation, and Vision for the Future (RIVF), 2012 IEEE RIVF International Conference on (pp. 1-4). IEEE.
Hoang, V. T., Krovetz, T., & Rogaway, P. (2015, April). Robust authenticated-encryption AEZ and the problem that it solves. In Annual International Conference on the Theory and Applications of Cryptographic Techniques (pp. 15-44). Springer, Berlin, Heidelberg.
Lu, C. C., & Tseng, S. Y. (2017). Integrated design of AES (Advanced Encryption Standard) encrypter and decrypter. In Application-Specific Systems, Architectures and Processors, 2002. Proceedings. The IEEE International Conference on(pp. 277-285). IEEE.
Sahai, A., & Waters, B. (2014, May). How to use indistinguishability obfuscation: deniable encryption, and more. In Proceedings of the forty-sixth annual ACM symposium on Theory of computing (pp. 475-484). ACM.