Download Executive Summary Submission as PDF (1 Megabytes) or

Download Full Submission as PDF (18 Megabytes)

In 2009-2010 the European Network and Information Security Agency (ENISA) www.enisa.europa.eu made a call for Scenario Proposals on Emerging and Future Risks.

Synaptic Labs' proposal was then selected for study in 2010 in the area of Trust and Privacy. In this area ENISA was looking for proposals to identify major risks in the area of trust, security and privacy posed by new and emerging technologies and applications. ENISA restricted scenario proposals from including proprietary technologies. Synaptic participated in this Call with a scenario focused on the risks associated with the global dependency upon Public Key Cryptography (PKC) and Public Key Infrastructure (PKI).

Synaptic Lab's 3 page proposal satisfied all ENISA's submission requirements and was shortlisted by ENISA. Synaptic also submitted a supporting 56-page document.

The 3 page version (which appears below before the main document) can be considered as an executive summary of the longer (56-page) document, which is entitled: “The risks to current, emerging and, future technologies which rely on Government approved standards-based public key technologies with their known risks of catastrophic failure and potential to create cyber war, caused by the presence of multiple existing single points of potential trust failure, whereby one player can compromise the entire global system and the known future risks from code breaking quantum computers.”

"The problems with PKC and PKI are ' understood as issues already visible as possible future risks to network and information security ' and present a ' significant risk of undermining the smooth functioning of the Internal Markets '. Below we outline how our scenario has ' security problems already identified as global issues ' and that ' there is a need for closer cooperation at global level to improve security standards, improve information, and promote a common global approach to network and information security issues '.  Critically, international co-operation is required for PKI Succession Planning to prevent destabilisation of the Internal Market, prevent market fragmentation, and generally to protect EU interests. Today’s PKI architecture has already been found wanting and, according to unchallenged expert opinions published in documents generated by U.S. Cyber Security Initiatives, today’s PKI is also considered a significant barrier to the universal adoption of cryptography which is now believed necessary to increase cybersecurity and mitigate fraud and identity theft. There is an increased threat as a consequence of emerging global tensions and the escalation in the development of cyber war capabilities resulting in an increased sophistication of the perpetrators, whether they are nation states or individuals. There are no super powers in cyber space, with modern technology and readily available hacking tools every citizen is powerful. There is increased criticality because the emergence of the Internet has shifted more economic and social activity online, making security virtually synonymous with cybersecurity."

The European Network and Information Security Agency (ENISA) is an agency of the European Union. ENISA was created in 2004 by EU Regulation No 460/2004 and is fully operational since September 1st, 2005.

The objective of ENISA is to improve network and information security in the European Union. The agency has to contribute to the development of a culture of network and information security for the benefit of the citizens, consumers, enterprises and public sector organisations of the European Union, and consequently will contribute to the smooth functioning of the EU Internal Market.

ENISA assists the Commission, the Member States and, consequently, the business community in meeting the requirements of network and information security, including present and future EU legislation. ENISA ultimately strives to serve as a centre of expertise for both Member States and EU Institutions to seek advice on matters related to network and information security.

Benjamin Gittins, Ronald Kelson, "Synaptic Laboratory Limited’s Submission Responding to ENISA’s Call for Scenario Proposals on Emerging and Future Risks", March 2010