Security

EU mandated messaging platform love-in is easier said than done: Cambridge boffins

Digital Market Act interoperability requirement a social challenge as well as a technical one


By March 2024, instant messaging and real-time media apps operated by large tech platforms in Europe will be required to communicate with other services, per the EU's Digital Markets Act (DMA).

How that will happen remains an unresolved technical and social challenge.

In a preprint paper, "One Protocol to Rule Them All? On Securing Interoperable Messaging," University of Cambridge doctoral candidate Jenny Blessing and security engineering professor Ross Anderson observe that the DMA is now law in Europe and messaging gatekeepers will need to comply, though it won't be easy.

"Designing a system capable of securely encrypting and decrypting messages and associated data across different service providers raises many thorny questions and practical implementation compromises," they say in their paper.

An EU interoperability workshop held earlier this month explored these issues and there too, participants acknowledged that interoperability is hard.

According to Blessing and Anderson, making encrypted end-to-end communication services interoperable will require novel protocols and processes, both technical and social, in order to be simultaneously secure and usable.

"Interoperability doesn't just mean co-opting existing cryptographic protocols so that one service provider can pass messages along to another – it encompasses the many supporting features and protocols that make up contemporary E2EE applications," the boffins argue.

"The resulting complexity of the system may inherently compromise the level of security due to the increased number of moving parts, just as key escrow mechanisms endanger cryptography even if the escrow keys are kept perfectly secure."

The DMA, they observe, calls for interoperating services to maintain security, but that's complicated. It's not just the end-to-end key exchange protocol in an encrypted comms app. A service may rely on a proprietary E2EE protocol that doesn't support forward secrecy (used to safeguard past messages) or doesn't rotate keys regularly. What constitutes grounds for refusing to interoperate?

Then there are the non-technical issues – how services cooperate with one another to tackle spam and abuse, how they deal with vulnerabilities and outages. Interoperability, the researchers argue, represents a dramatic expansion of the trust surface for messaging users, who now have to consider the practices and policies of gatekeeper partners.

Interoperability goal makes security more complex

Blessing and Anderson say there are two broad ways to approach message platform interoperability, a common protocol or platform-based open APIs for third-party connectivity.

Leading contenders for a common protocol include Matrix, Signal, and the IETF's MLS (Messaging Layer Security), the two computer scientists say. But variations in implementation – Signal, WhatsApp, Viber, Facebook Messenger, and others rely on different versions of the Signal protocol – make standardization difficult.

Given concerns that innovation is easier with a centralized, unfederated protocol than a federated, distributed scheme, Blessing and Anderson see platform API bridges as the more likely scenario, at least in the short term. Under this scenario, platforms would maintain their own E2EE protocols and offer a client-side interface for other messaging services to connect over a bridge.

But this approach also has challenges because gatekeepers – large platform providers – would need to create bridges for each different message provider and, as the boffins observe, this has security implications.

What's more, these APIs can't be entirely open due to the sensitive nature of the messages being handled. "Service providers will need a fair amount of latitude in their ability to deny access requests to continue to guard against malicious data scraping and mining, regardless of whether interoperable [messaging] is implemented through client-side bridging or an open standard," the researchers argue.

Blessing and Anderson step though the many technical hurdles and cite the difficulties Meta had beginning WhatsApp and Facebook Messenger together as a harbinger of the difficulties awaiting those carrying out the EU's interoperability mandate.

But it's the social obstacles that may prove harder to solve, they suggest, noting that some users so despise Meta that they won't use WhatsApp and ask friends to use Signal while others, such as those in Ukraine, consider Telegram to be a tool of the Russian government.

"Interoperability without robust moderation and interface design to make platforms pleasant to use is a nonstarter," the pair conclude. "Giving users a choice between platforms without giving them a platform they would want to spend time on is no choice at all." ®

Send us news
56 Comments

Euro cloud crew says we-won't-sue deal with Microsoft is 'off-track'

Overseas pals urge US tech giant to 'rapidly' work on Azure Local project to make things right – sans licenses

Watchdog ponders why Apple doesn't apply its strict app tracking rules to itself

Germany's Federal Cartel Office voices concerns iPhone maker may be breaking competition law

US cranks up espionage charges against ex-Googler accused of trade secrets heist

Mountain View clocked onto the scheme with days to spare

Why is Big Tech hellbent on making AI opt-out?

As Microsoft, Apple, and Google switch the tech on by default, what happened to asking for permission first?

Google's 7-year slog to improve Chrome extensions still hasn't satisfied developers

Makers of content blockers, privacy add-ons say promises weren't kept

If you dread a Microsoft Teams invite, just wait until it turns out to be a Russian phish

Roses aren't cheap, violets are dear, now all your access token are belong to Vladimir

Diversity, equity, and inclusion is not an illusion, but it soon might be

Global tech corps wrestle with policy disparity on either side of the Atlantic

Microsoft wants to quit building Army VR goggles, hand contract to Anduril

Will the Pentagon get Luckey with a new IVAS vendor?

AI summaries turn real news into nonsense, BBC finds

Research after Apple Intelligence fiasco shows bots still regularly make stuff up

Microsoft open sources PostgreSQL extensions to muscle in on NoSQL

But will it set a real standard for MongoDB alternatives?

Google torpedoes 'no AI for weapons' rules

Will now happily unleash the bots when 'likely overall benefits substantially outweigh the foreseeable risks'

Amazon, Google asked to explain why they were serving ads on sites hosting CSAM

And US government adverts at that, say senators