On March 24, EU governing bodies announced they had reached agreement on the most sweeping legislation for Big Tech in Europe, known as the Digital Markets Act (DMA). Considered an ambitious piece of legislation with far-reaching implications, the most prominent measure of the bill would require that every large technology company – defined as a company with a market capitalization of more than 75 billion euros or a user base of more than 45 million people – would have to do so in the EU — Build products that are interoperable with smaller platforms. For messaging apps, that would mean mixing end-to-end encrypted services like WhatsApp with less secure protocols like SMS – which security experts fear will undo hard-won achievements in message encryption.
The DMA’s primary focus is on a class of large technology companies known as “gatekeepers,” defined by the size of their audience or revenue and, more broadly, the structural power they can wield over smaller competitors. Through the new rules, the government hopes to “break up” some of the services offered by such companies to allow smaller companies to compete. That could mean users can install third-party apps outside of the App Store, external sellers rank higher in Amazon searches, or messaging apps need to send texts across multiple protocols.
The DMA’s primary focus is a class of large technology companies known as “gatekeepers.”
However, this could pose a real problem for services that promise end-to-end encryption: the consensus among cryptographers is that it will be difficult, if not impossible, to maintain encryption between apps, with potentially huge implications for users User. Signal is small enough that it wouldn’t be affected by the DMA regulations, but WhatsApp – which uses the Signal protocol and is owned by Meta – certainly would. The result could be that some if not all of WhatsApp’s end-to-end encryption is weakened or removed, depriving a billion users of the privacy of private messages.
Given the need for precise implementation of cryptographic standards, experts say there is no simple solution that can balance security and interoperability for encrypted messaging services. In fact, there would be no way to blend different forms of encryption across apps with different design characteristics, said Steven Bellovin, a renowned cybersecurity researcher and professor of computer science at Columbia University.
“Trying to reconcile two different cryptographic architectures is simply not possible. One side or the other will have to make big changes,” Bellovin said. “A design that only works when both parties are online will look very different than one that works with stored messages… How do you get those two systems to work together?”
“Trying to reconcile two disparate cryptographic architectures is simply not possible.”
Compatibility across messaging services can lead to a lowest-common-denominator design approach, according to Bellovin, where the unique features that made certain apps valuable to users are stripped back until a common level of compatibility is achieved. For example, if one app supports encrypted multi-party communication and another does not, maintaining communication between them would typically require the encryption to be dropped.
Alternatively, the DMA proposes a different approach – equally unsatisfactory to privacy advocates – in which messages sent between two platforms with incompatible encryption schemes are decrypted and re-encrypted when exchanged between them, breaking the chain of ” End-to-end encryption is broken, creating a point of vulnerability for interception by a bad actor.
Alec Muffett, an internet security expert and former Facebook engineer who recently helped Twitter launch an encrypted Tor service, told The Verge that it would be a mistake to think that Apple, Google, Facebook and other tech companies are identical and interchangeable products could easily be combined.
“If you walked into a McDonald’s and said, ‘In the interest of busting corporate monopolies, I want you to add a sushi platter from another restaurant to my order,’ they would rightly stare at you,” Muffett said. “What happens if the requested sushi arrives at McDonald’s by courier from the supposedly requested sushi restaurant? Can and should McDonald’s serve this sushi to the customer? Was the courier legitimate? Has it been safely prepared?”
Currently, each messaging service takes responsibility for its own security — and Muffett and others have argued that by requiring interoperability, users of one service are exposing users to vulnerabilities that may have been introduced by another. In the end, overall security is only as strong as the weakest link.
Another issue raised by security professionals is the issue of maintaining a coherent “namespace,” the set of identifiers used to identify different devices in any networked system. A basic principle of encryption is that messages are encoded in a way that is unique to a known cryptographic identity. Therefore, good identity management is fundamental to maintaining security.
“How do you tell your phone who you want to talk to and how does the phone find that person?” said Alex Stamos, director of the Stanford Internet Observatory and former chief security officer at Facebook. “There’s no way to allow end-to-end encryption without trusting each vendor to handle identity management… If the goal is for all messaging systems to treat each other’s users exactly the same, then this is it.” a privacy and security nightmare.”
“There’s no way to enable end-to-end encryption without trusting every vendor to handle identity management.”
Not all security experts have reacted so negatively to the DMA. Some of the objections previously shared by Muffett and Stamos were addressed in a blog post by Matrix, a project aimed at developing a secure, open-source communications standard.
Authored by Matrix co-founder Matthew Hodgson, the paper acknowledges the challenges that come with mandated interoperability, but argues that they are outweighed by the benefits that come from challenging the tech giants’ insistence on closed messaging ecosystems .
“In the past, gatekeepers have turned down the effort [interoperability] as not worthwhile,” Hodgson told The Verge. “Finally, the standard way of doing things is to build a walled garden, and once you’ve built one, you’re tempted to catch as many users as possible.”
However, since users generally like to centralize trust and a social graph in one app, it’s unclear whether the top-down imposition of cross-platform messaging will be reflected by the demand from the bottom.
“iMessage already has interop: it’s called SMS, and users really don’t like it,” said Alex Stamos. “And it has really bad safety features that can’t be explained by green bubbles.”