UK Royal Society's #1 cybersecurity recommendation: don't backdoor crypto

The Royal Society, once presided over by Isaac Newton, is one of Britain's most respected learned institutions: that's why it matters so much that the organisation's new report, "Progress and research in cybersecurity," begins by demanding that government "must commit to
preserving the robustness of encryption,
including end-to-end encryption, and
promoting its widespread use. Encryption
is a foundational security technology that
is needed to build user trust, improve
security standards and fully realise the
benefits of digital systems."

The report comes as Theresa May takes office as the new Prime Minister of the United Kingdom, renewing her commitment to force through the Snoopers Charter, a sweeping mass surveillance bill whose first tactic is demanding that end-to-end encryption be circumvented so that online services can be deputised to snoop on and store their users' data for warrantless mass surveillance by government.

The rest of the report is also eminently sensible and makes for an excellent, quick read, too, but that first point is a shot clear across the bow of HMG and the security services, especially GCHQ, whose Edgehill programme spending a quarter-billion dollars a year sabotaging widely used crypto technologies to facilitate spying.

Trust is essential for growing and maintaining
participation in the digital society. Organisations
earn trust by acting in a trustworthy manner:
building systems that are reliable and secure,
treating people, their privacy and their data
with respect, and providing credible and
comprehensible information to help people
understand how secure they are.

Resilience, the ability to function, adapt,
grow, learn and transform under stress or in
the face of shocks, will help organisations
deliver systems that are reliable and secure.
Resilient organisations can better protect their
customers, provide more useful products and
services, and earn people’s trust.

Research and innovation in industry and
academia will continue to make important
contributions to creating this resilient and
trusted digital environment. Research can
illuminate how best to build, assess and
improve digital systems, integrating insights
from different disciplines, sectors and around
the globe. It can also generate advances to
help cybersecurity keep up

Progress and research
in cybersecurity
[Royal Society]

(Image: Royal Society entrance, Tom Morris, CC-BY-SA)