Search

Begin New Search Topic Encryption

1. Cybersecurity Implications of Quantum Computing and Its Combined Use with Artificial Intelligence

Author:
Andrea G. Rodriguez
Publication Date:
01-2025
Content Type:
Journal Article
Journal:
Revista UNISCI/UNISCI Journal
Institution:
Unidad de investigación sobre seguridad y cooperación (UNISCI)
Abstract:
Quantum computing presents new market opportunities, but also significant challenges, particularly in areas such as cybersecurity. Although still in its infancy, quantum computing is maturing rapidly. If quantum computers can provide countries with new offensive capabilities - often in combination with artificial intelligence - it is arguably investment in the quantum communications agenda - in particular quantum networks - that can provide measures and actions to improve cyber defence.
Topic:
Science and Technology, Cybersecurity, Machine Learning, Encryption, and Quantum Computing
Political Geography:
Global Focus

2. CTC Sentinel: May 2024 Issue

Author:
Amira Jadoon, Abdul Sayed, Lucas Webber, Riccardo Valle, and Paul Cruickshank
Publication Date:
05-2024
Content Type:
Journal Article
Journal:
CTC Sentinel
Institution:
The Combating Terrorism Center at West Point
Abstract:
In the wake of Islamic State Khorasan (ISK) attack on March 22 in Moscow and a wave of thwarted plots by the group in Europe, there is growing concern about the international terror threat the network poses. In the feature article, Amira Jadoon, Abdul Sayed, Lucas Webber, and Riccardo Valle assess that “ISK’s nearly decade-long presence in its traditional strongholds of Afghanistan and Pakistan, coupled with its expanding reach and appeal among Central Asian populations and its prioritization of inspiring and coordinating transnational attacks as part of its growth strategy, underscores the multifaceted and evolving nature of the threat posed by this resilient terrorist organization … Despite ISK’s recent decline in attacks in Afghanistan, the group retains the determination and capacity to conduct destabilizing high-profile attacks in multiple countries. The group remains resilient, but more worryingly, it has learned to adapt its strategy and tactics to fit evolving dynamics, and exploit local, regional, and global grievances and conflicts.” Our interview is with Ahmad Zia Saraj who served as the General Director of the National Directorate of Security (NDS) of Afghanistan between September 2019 until the fall of Kabul on August 15, 2021. He recounts this turbulent period and the lessons learned. He warns that by using end-to-end-encryption, ISK can recruit, exchange information swiftly, plan, and execute international attacks. “Encrypted messaging apps have helped terrorists speed up operations, enhance operational security, save time, save travel costs, and to plan and execute and even monitor attacks in real time,” he says. “The NDS noticed that a newly recruited fighter does not need to physically attend a training camp to learn how to construct a bomb or how to target the enemy. All this can be done via a smart phone with less risk of exposure. Advancing technology has made it possible for someone to be trained in terrorist tactics in any part of the world, regardless of borders or travel restrictions. A terrorist in Afghanistan or Iraq can easily train another one in any part of the world.” Finally, Pete Simi, Gina Ligon, Seamus Hughes, and Natalie Standridge quantify the rising threats to public officials in the United States by reviewing a decade of federal data. They write that: “A review of federal charges for the past decade highlights that the number of threats to public officials is growing. While 2013-2016 had an average of 38 federal charges per year, that number sharply increased to an average of 62 charges per year between 2017-2022. Across the time series, ideologically motivated threats, on average, accounted for almost half of the cases, and the portion steadily increased year over year. A preliminary review of cases from 2023 and 2024 shows that the number of federal prosecutions is on pace to hit new record highs. The rising threat level may produce significant consequences for the U.S. democratic system of governance.”
Topic:
Science and Technology, Terrorism, Islamic State, Encryption, and Threat Assessment
Political Geography:
Afghanistan, Russia, Europe, Central Asia, North America, and United States of America

3. Data Protection or Data Utility?

Author:
Alexander Kersten and Issac A. Robinson
Publication Date:
02-2022
Content Type:
Special Report
Institution:
Center for Strategic and International Studies (CSIS)
Abstract:
Despite the economic upheaval wrought by the Covid-19 pandemic, the United States is now poised to enter a new period of productivity growth with the widespread deployment of artificial intelligence (AI) technologies. And just as past eras’ technologies have been driven entirely by the consumption of resources such as steam, coal, oil, and natural gas, this AI-driven period will rely on data. Yet, while this data-driven economic growth model has proven benefits to both individuals and firms, it also raises serious concerns over individuals’ data privacy. A key challenge in this regard is to ensure that data is handled securely and that the privacy of American citizens is protected. Because of the regard paid to data protection and privacy over the past decade, the proliferation of digitization has made privacy policy a part of innovation policy. However, until now, policymakers have viewed data use and data protection as trade-offs, with some nations adopting strict control of data flows. These measures have not been effective in practice; strict curbs have stifled innovation while doing relatively little to protect privacy. An alternative is to deploy promising cryptographic software solutions that can enhance privacy while still allowing access to data. This solution not only unlocks the commercial potential of data for use by firms, law enforcement, nonprofits, and researchers but also protects individuals’ privacy. Realizing the benefits of this win-win solution will require further development and widespread adoption of emerging cryptographic software solutions.
Topic:
Science and Technology, Innovation, Cyberspace, and Encryption
Political Geography:
North America and United States of America

4. Understanding the Encryption Debate in India

Author:
Anirudh Burman and Prateek Jha
Publication Date:
09-2021
Content Type:
Working Paper
Institution:
Carnegie Endowment for International Peace
Abstract:
Encryption has become a contentious instrument for protecting the security and confidentiality of online communication. Rapid digitalization in the past decade has led to the proliferation of domestic and foreign online communication services that use encryption and, consequently, pose challenges to national security bodies and law enforcement agencies (LEAs). To address these challenges, the Indian government introduced new regulations in February 2021. These regulations require large social media platforms to enable traceability, or the ability to provide information concerning the originator of online communications. Technology companies and privacy activists have opposed such a move on the grounds that traceability would require the breaking of the end-to-end encryption used by many online communication platforms like WhatsApp and therefore would compromise the security of online communications on such platforms. This traceability requirement, however, is only the latest development in a drawn-out, contentious debate over the use of encryption. The contestation between maintaining higher degrees of online security and issuing new rules to grant technological exceptions for security agencies and LEAs is not specific to India. One of the first serious discussions on the issue took place in the United States in the 1990s, when public opposition warded off an early government attempt to sidestep encryption protections with a court order. In the past decade, the use of encryption has only grown more pronounced. The revelations that the United States’ National Security Agency was collecting vast amounts of communications data led to the introduction and increased adoption of end-to-end encryption for online communications. End-to-end encryption is now used widely by online communication platforms like WhatsApp, Signal, and Threema. Its use presents law enforcement and national security agencies with new challenges. Even though these agencies today have greater and easier access to more information than ever before, the absolute confidentiality provided by encrypted online communication platforms makes it harder for these agencies to engage in real-time surveillance to investigate crimes and identity wrongdoers. While some policymakers from India and other countries argue that encryption must only be weakened to solve specific problems, most experts agree that, as of today, there is no technological solution that would weaken encryption for specific law enforcement and national security purposes, while managing to maintain preexisting levels of security and confidentiality for general use. The introduction of any mechanism for specific access would, it is claimed, introduce both known and unknown vulnerabilities into these communications platforms. Such a mechanism would have a systemic effect on all online communication dependent on encryption for ensuring security and confidentiality. In India, these developments create challenges in specific ways. For example, India reports the highest number of child pornography cases worldwide, and encrypted communications makes it difficult to identify culpable parties. Similarly, as India has digitized rapidly, there has been a surfeit of fake and offensive online news that has, in some cases, led to mob lynchings. In addition, terrorist networks have been found to be using encrypted communication channels while planning and carrying out terrorist attacks in India. Over the years, the Indian government’s approach to encryption has responded to these concerns in a variety of ways. Indian financial regulators mandated the use of encryption for banking and financial services as they realized the security of such transactions was best protected through encryption. At the same time, the Indian government prohibited telecom operators from implementing bulk or mass encryption in telecommunication services. Starting in 2015, the government introduced different regulatory proposals requiring that messaging platforms and other communication service providers provide plaintext copies of communications to Indian government agencies on request. These proposals, however, faced significant opposition and were withdrawn. Earlier in 2021, the Indian government’s new rules requiring traceability have been officially notified. The mechanisms through which they will be implemented are not yet clear. It is also unclear if these rules are the last demands the Indian government will make to weaken encryption, or whether further demands will arise in the future. To weigh the relative benefits and drawbacks of the Indian government’s proposal, analysts should consider relevant factors such as (but not limited to) whether such changes will offer law enforcement officials the access they desire, how the security of encrypted communications will be affected, and how citizens’ civil liberties will be impacted, among others.
Topic:
Security, National Security, Science and Technology, Law Enforcement, Digitalization, and Encryption
Political Geography:
South Asia and India

5. Weakened Encryption: The Threat to America’s National Security

Author:
Mieke Eoyang and Michael Garcia
Publication Date:
09-2020
Content Type:
Special Report
Institution:
Third Way
Abstract:
For years, law enforcement officials have warned that, because of encryption, criminals can hide their communications and acts, causing law enforcement to struggle to decrypt data during their investigation—a challenge commonly referred to as “going dark.” They called on technology companies to build a process, like a “master key,” to enable law enforcement to unlock encrypted communications. While this may seem like a tempting idea, it would have grave implications for our national security. As more and more of our communications move online, users seek out encrypted services to protect their privacy. Unlike telephonic communications, and despite repeated requests by law enforcement to do so, Congress has not required internet communications platforms to give law enforcement access to intercept user communications or access stored communications. In this paper, we assess the national security risks to a requirement to provide that master key (referred to throughout as “exceptional” or “backdoor” access) to encrypted communications and propose alternative approaches to address online harms.
Topic:
Security, Science and Technology, Cybersecurity, and Encryption
Political Geography:
North America and United States of America

6. August 2017 Issue

Author:
Aaron Brantly, Charlie Winter, Devorah Margolin, Michael Knights, Kristina Hummel, and Raffaello Pantucci
Publication Date:
08-2017
Content Type:
Journal Article
Journal:
CTC Sentinel
Institution:
The Combating Terrorism Center at West Point
Abstract:
After a respite from mass-casualty terrorism for more than a decade, the United Kingdom this past spring suffered three such attacks in the space of just 73 days, making clear it faces an unprecedented security challenge from jihadi terrorism. In our cover article, Raffaello Pantucci outlines what investigations have revealed so far about the March attack on Westminster Bridge, the bombing at a pop concert in Manchester in May, and the June attack on London Bridge and Borough Market. The early indications are that the Westminster attacker, Khalid Masood, had no contact with the Islamic State and the Manchester and London Bridge attackers were, at most, loosely connected to the group. The current threat environment, Pantucci writes, continues to be mostly made up of individuals and smaller scattered cells planning lower-tech attacks with very short planning and operational cycles—sometimes remotely guided by the Islamic State—rather than cells trained and dispatched by the Islamic State to launch large-scale, Paris-type attacks, but this could change as more British Islamic State recruits return home. Our interview this month is with Edward You, a Supervisory Special Agent in the Biological Countermeasures Unit in the FBI’s Weapons of Mass Destruction Directorate. While the full liberation of Mosul last month effectively ended the Islamic State’s caliphate pretensions, Michael Knights warns the Islamic State and other jihadis are already bouncing back in several parts of Iraq and more strongly and quickly in areas where the security forces are either not strong enough or not politically flexible enough to activate the population as a source of resistance. As the Islamic State transitions from administering territory to a renewed campaign of terrorism and insurgency, Charlie Winter and Devorah Margolin examine the Islamic State’s apparent lifting of its moratorium on using women as suicide bombers. In a commentary, Aaron Brantly argues that creating back-doors in encryption, or banning it, would create significant societal costs without stopping terrorists from accessing the technology.
Topic:
Gender Issues, Science and Technology, Terrorism, Weapons of Mass Destruction, Insurgency, Counter-terrorism, Women, Islamic State, and Encryption
Political Geography:
Iraq, United Kingdom, Europe, Middle East, and Global Focus