End-to-end encryption is pretty important in the world of messaging, because there’s no telling who might be out there trying to read your communications. The problem is that these services tend to run on their own, with their own encryption and limiting your messaging to others on the same platform. Google thinks it’s time for a change.
Google has announced its support for a new standard that would allow for better interoperability between different messaging platforms. In particular, the RFC 9420 specification of the Internet Engineering Task Force (IETF) Messaging Layer Security (MLS) standard.
Google says it supports legislation pushing for better interoperability between large encrypted messaging apps, such as the European Union’s Digital Market Act. However, he notes that the diversity of platforms and the protocols they use would make it nearly impossible to do without some kind of industry standard.
Anything less, Google says, would end up lowering security and increasing implementation costs. Group messaging in particular would be impossible on all platforms, as every message and file sent would have to be encrypted and delivered multiple times to account for each service’s protocols.
The standardization benefits of MLS mean that developers would not need to spend time and resources on their own internal end-to-end encryption, while eliminating the security issues that can arise from trying to merge existing services and protocols into an interoperable network. Which sounds like a great idea, but it’s going to rely on everyone agreeing that this is a good idea.
RCS problem
Take RCS Messaging, for example. The idea itself is a pretty good one, with the system offering a much more advanced and secure way to send messages than SMS and MMS. You can send images, videos, files, text and emojis with end-to-end encryption, protecting them from prying eyes. Unfortunately, not everyone likes RCS.
Apple, for example, has consistently refused to implement RCS, no matter how much it improves communication between iPhones and Android devices. In fact, Apple has a habit of ignoring standards unless someone forces them to implement them, as we’ve seen with iPhone and USB-C.
The major difference here is that there are dozens of encrypted messaging apps with significant user bases and they should all get on board. Getting many people to agree on something is pretty hard, regardless of the benefits that might come from it.
How does this affect users?
When it comes to a universal encryption standard, the main benefit for users would be better support across different messaging platforms. By ensuring that each service’s encryption is the same, it’s a step forward in offering secure communications between platforms, something that wouldn’t be possible if each did its own thing.
If Google’s dream comes true, you could potentially be able to use iMessage to send encrypted communications to Facebook Messenger, WhatsApp, or any number of rival platforms.
Interoperability will require more than just encryption matching, and it will be up to developers to actually bridge the gap between them, whether by choice or because the law requires them to. But, if Google’s dream comes true, you could potentially be able to use iMessage to send encrypted communications to Facebook Messenger, WhatsApp, or any number of rival platforms.
Of course, there will no doubt be a need for measures to ensure the security of the new unified encryption protocol. If a flaw is found in one service, it is likely to be present in all of them, giving attackers access to a variety of messages they may not have had access to before.
It’s especially important to think about the ongoing attempts by world governments to compromise encryption for their own benefit. Like the proposed measures in the UK, which are so tough that Apple has threatened to withdraw iMessage and FaceTime from the region.
But at the same time, by going with an open standard, you have an entire industry pooling their resources to ensure that doesn’t happen. Rather than several smaller groups working on their own. This, combined with the work of white hat hackers, can also mean that security issues are resolved quickly and efficiently.
This assumes that everything goes according to plan and that different organizations are willing to cooperate and collaborate effectively. Because as good as a universal encrypted messaging standard sounds like, it’ll be interesting to see how much support a move like this gets in practice. Having Google’s backing is something, but it’s not enough to guarantee success.
More from Tom’s Guide
#Google #protect #messages #standardizing #encryption
Image Source : www.tomsguide.com