Backdoor To WhatsApp End-To-End Encryption
A security vulnerability in WhatsApp’s end-to-end encryption could be putting millions of messages at risk, including yours!
A recent privacy threat on Facebook’s WhatsApp discovered by Tobias Bolter, a cryptography and security researcher at the University of California, Berkeley, has been causing an uproar in the community of user privacy advocates.
It exposes a vulnerability that can be exploited to intercept and read encrypted messages within WhatsApp’s end-to-end encryption system.
When WhatsApp put their end-to-end encryption system in place last year, their claim was that no one could read messages thereafter, not even back at the company’s servers where the messages are stored and transmitted, “because of the way their system works”.
Now that this backdoor has been discovered, we’re not sure of now much faith to put in their system.
First let’s start help you understand how encryption works:
Every user has a secret key and a public key. The latter is used to encrypt messages, while the former is used to decrypt messages. For example, your friend Smita sends a message. It is her public key that encrypts that message, ensuring its security, and it is her secret key that decrypts that message when it needs to be read. Without the secret key, the message in its encrypted format is unreadable.
So, how does this work on apps like WhatsApp that claim end-to-end encryption?
The most critical part of the encryption is getting the user’s public key for communication. Apps like WhatsApp and Messenger store their users’ public keys on central servers, and when you send someone a message, you reach for their public key to encrypt it, and on their end, their device decrypts it with their secret key.
This sounds pretty secure, so what could go wrong with this backdoor people are talking about?
Well, the fact of the matter is that these systems are not fool-proof. If servers are tampered with, then WhatsApp’s servers could give you a third party’s public key when you send the message out (hence, the message can also be decrypted with their secret key), leaving your message open to vulnerability.
Where it goes further wrong is when your friend decides to change her security key, either because she changed her device or reinstalled WhatsApp, or anything of this kind.
Ideally what should happen is that if and when she does that, you should receive a notification prompting you to validate her security code on her new device, so that you can ensure that the connection is secure before your messages that are in transit are delivered to your friend, or before new messages are sent to your friend. This, however, does not happen.
What happens instead is that your WhatsApp automatically validates this key, and sends all your messages to the new device, thus leaving your messages vulnerable to being hacked (or misdirected, if you want to call it that).
There is also a feature in your WhatsApp called “show security notifications”, which will provide you with a notification when a new key is received, but that will happen only when your messages have already been sent through, leaving you further vulnerable by building a guise of a security layer that is flimsy as smoke.
Something else you should know about:
This vulnerability also extends to WhatsApp calls.
When you call a friend and during the time a call connects you receive a new security key, your call will just connect to this new security key without alerting you.
Thus, you could be connected to a third party, instead of the intended friend, by methods of simple manipulation, and without your knowledge.
What does WhatsApp say about this?
WhatsApp argues that this element is a design decision, which increases usability by making sure messages are resent automatically instead of making the users click various ‘yes’ and ‘no’ options that might get cumbersome. That premise, of course, is contested, and a lot of users would arguably rather go through the cumbersome process (once in a while) instead of having their security at risk.
How dangerous is this backdoor?
Privacy campaigners believe that it can be a huge threat to freedom of speech since it allows for space for government agencies to use this backdoor to snoop on unsuspecting users who believe that their messages are secure.
While other security experts, on the other hand, believe that this is an accepted trade-off for most users of WhatsApp because it makes the service more user-friendly, instead of a cumbersome ordeal of notifications. They believe that the risk of user privacy being breached is remote, since this backdoor only allows for specific users or groups of users to be targeted, instead of mass surveillance.
Is this the same on every messaging app?
No, it isn’t. There are messaging apps like Signal which will not automatically accept your friend’s new security codes and won’t automatically send your in-transit messages forward.
They will instead notify you that your friend has changed security codes, and ask you if you still wish to resend your messages in transit to this new device. Thus giving the users an option to hold their messages back, and see if something fishy is going on in the line of communication.
What should you do to ensure the privacy of your messages?
There isn’t a sure-shot method to ensure the privacy of your messages, given this recent discovery of the loophole. The first thing you must do is not share sensitive information over platforms like WhatsApp.
And regardless of these loopholes, it is still a good idea to follow security protocols, and make use of the base layers of privacy provided by the apps. The only thing you must not do is take these layers of security for granted!
Also, in the face of this information that can obviously cause fear and paranoia, please do not switch to SMS or other platforms of text that transmit data in plain text. In doing that, you’ll only end up making yourself more vulnerable! One lock, after all, is better than none.
Basic WhatsApp Security Protocol:
For anyone you share sensitive information with, you must verify their “security codes” — in person. To do so, what you need to do is meet in person, go to your WhatsApp settings, go to Security, and scan the QR code presented on their device.
Doing this will ensure that each time you send them a message, it is sent to them, and not to a third party’s server via manipulated codes.
The second thing you must do is go to your Settings and activate the “Show Security Notifications” feature on your WhatsApp, to at least get a notification if your friends change security codes.
I hope this article helped. It’s not all doom-and-gloom out there, with this revelation. Things are still okay. and your data and communication should all be largely safe. However it is my job to keep you informed and advised.
Speaking of advise, you might want to move to Signal for instant messaging or Proton for emails, in case your habitual of sharing sensitive or intensely personal stuff while on the move.
Originally published at Chip-Monks.
