Douglas Stebila
A real-world law-enforcement hack: the case of Encrochat
Abstract
In 2020, a coordinated law-enforcement effort infiltrated Encrochat, an end-to-end encrypted service provider, exfiltrating historical and real-time data and metadata over months. Encrochat was used extensively by organised crime, and the data from the operation was used as supporting evidence in over 6,000 arrests and related prosecutions across Europe. Encrochat's architecture was vertically integrated, with the company acting as both a device vendor and service provider; Encrochat sold modified Android smartphones with its own PKI and custom applications, including encrypted messaging based on the Signal protocol. In this work, we give the most detailed public account to date of Encrochat's infrastructure and how it was compromised.
Keywords: encrypted messaging, Encrochat, Signal protocol
Reference
Martin R. Albrecht, Sunoo Park, Michael A. Specter, Douglas Stebila. A real-world law-enforcement hack: the case of Encrochat. In Advances in Cryptology -- Proc. CRYPTO 2026, LNCS. Springer, August 2026.
Download
Presentations
- 2024-10-08: Messaging Malware Mobile Anti-Abuse Working Group (M3AAWG) 62nd General Meeting, Toronto. (PDF slides)
- 2024-08-18: Workshop on Attacks in Cryptography 7 (WAC7). (PDF slides)
BibTeX
Funding
This research was supported by:- Natural Sciences and Engineering Research Council of Canada (NSERC) Discovery grant RGPIN-2022-03187