When I opened WhatsApp yesterday, I was greeted with a prompt to read the fine print. Among other things, it talks highly about “End to end encryption.” WhatsApp even has a ridiculous 30-second video informing users about the existence of End-to-end encryption, without any attempt to explain it.
It was meant to assure me my messages were safe with WhatsApp. As I thought about it for a while, I grew skeptical.
Soon, I was sure. No, nothing was safe.
What is End-to-end encryption?
In plain terms, it means that no one except the intended recipient can read/view/access the sent information.
For those who don’t remember, this is the same term that got Zoom into a legal nightmare during the pandemic. It was not until June 2020 that free Zoom users got access to encrypted meetings. Zoombombing was a moment no mid-pandemic work team can forget.
First, how does normal encryption work?
Encryption is a very common feature of any distributed software system. The primary objective of encryption is that your data needs to be secured from wiretapping by external actors.
This inherently means that the server (and thus, the developer team) is the de-facto trusted entity. In exceptional cases, legal entities (NSA, CIA, FBI) too. We shall get to it later.
If your neighbor manages to hack your wifi network, he can access all your online activity. With unencrypted data, he can see it in plain-text, like this:
email@example.com — Password1234
However, with encryption, even with your neighbor sniffing it 24x7, he can only see this:
For those who are familiar, both are encrypted using AES with a secret that only I know (secret key: “mysecret”). In real applications, this secret will usually be chosen by the application creator (for example by using some cipher library such as Node.js crypto), and neither by the user himself nor necessarily by the user’s device.
This means that your data is secure from notorious wiretaps and hackers in-transit, but not from malicious actors within the server team.
This also means that the application server must have a way to store this secret (“mysecret” in the above example) to decipher the encrypted email and password when they hit the server during login. The same holds true for all other data exchanges between client and server.
This means that your data is secure from notorious wiretaps and hackers in-transit. But not from malicious actors within the application development team territory or crime investigation agencies. It is highly likely that your secret key is the single entity protecting all your data — to save server space and bandwidth.
To circumvent such easy exploits, it’s possible to hide “mysecret” using techniques such as hashing. Hashes are one-way. This means that “mysecret” will produce some gibberish such as “P1OxC+gPZ9zFhvqeHt4AFQ==” that will be stored on the server to later decipher email and password, but it doesn’t serve the purpose. In eliminating plain-sight access to the old key, hash becomes the new key.
One key granting access to all your lockers = Single point of failure.
Again, data being unreadable by the server isn’t desirable in most situations. For example, if you order a TV on Amazon, it must be able to decrypt your order + address to ship it from its warehouse.
However, this isn’t true in the consumer-to-consumer application, when the purpose of the application is to serve both parties, without server/any 3rd party meddling in the communication. Messaging is one such usage scenario.
To address the privacy concern + many other possibilities arising out of MITM (Man in the middle attack), end-to-end encryption was introduced.
Here is what end to end encryption promises:
When an application uses end to end encryption, it means the following:
- The sender’s data is encrypted right at the source. No one (even the application server) can decipher it. This includes text, audio, video — any form of data.
- The data is decrypted at the destination, on the devices that belong to intended recipients (mostly past some form of token verification). In the case of group messaging and calling, this happens on all the group members' devices every time they attempt to read a message or accept an audio/video call.
- If anyone (server guy, wiretapper, hacker, or law-enforcement) tries to decrypt the data in-between, the data becomes garbled.
How is end-to-end encryption implemented?
While this is not in the scope of this article, it would create a meaningful understanding of the concept.
It would also give some critical historical context on why Signal came to the forefront.
End to end encryption relies on the principles of asymmetric key cryptography (famously, Public Key Cryptography).
For the purpose of any communication system, every participant has two keys: A public key (known to the world) and a private key (only known to himself).
Because of their mathematical complexity, a huge number of them can be created, revoked, and regenerated with ease at any time. In other words, you are not restricted to a finite set of public/private keys during your lifetime. The two keys of a pair are mathematically coupled with each other so that they can work together to derive the message content.
Any form of public-key cryptography requires that the sender and receiver have access to each others’ public keys. This in itself doesn’t assure the secrecy of the message (until the message is transformed using some combination of them), but it is the bare minimum requirement to confirm the authenticity of the sender/receiver.
Concepts of public-key cryptography have primarily to do with digital signing, and not the encryption itself, because its invention was to cater to the prevention of external bad actors (e.g. someone sitting between you and the server, impersonating you or the server). The Server was always considered sacrosanct.
It is a different matter that the same keys can be used to secure the content too.
Now, consider messaging systems. A server is inevitably involved. How do you make a data packet that can be deciphered by the receiving party but not by anyone else? Who will guarantee that the server will never roll out a patch to steal your private keys, read all your messages from the last year, and be done with it, without ever getting caught for the act?
To address this, Diffie and Hellman introduced a secure key exchange algorithm in 1976, known as DHM (Diffie–Hellman key exchange). In 2002, Hellman renamed it to Diffie–Hellman–Merkle key exchange to pay homage to Ralph Merkle, the inventor of public-key cryptography — a concept we just explained above.
DHM ensures that besides public and private keys, there are a couple of secret numbers that only sender and receiver know to generate their shared secret — an entity with which all the messages are encrypted. The accompanying diagram describes it in a simplistic manner, but one can always delve deeper.
In real applications, instead of colors, the secret could be a private number randomly generated at the time of message transmission. This number, despite being different for both parties and unknown to each other, would produce the same shared secret using a mathematical formula involving prime numbers — for the given message.
The beauty of DHM ensures that this secret number is totally random, unique for every message, and must never be stored, so unlikely to be stolen by malicious or powerful insiders.
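An added example (not from the original article, and not WhatsApp's or Signal's code) that contrasts the server-held key described earlier, where the stored hash of “mysecret” is itself the AES key, with a Diffie–Hellman exchange in Node.js crypto. The function names, the modp14 group, HKDF and AES-256-GCM are assumptions chosen for the illustration, and the sample messages are constructed.

```javascript
const crypto = require('node:crypto');

// AES-256-GCM helpers used by both models (illustrative, not WhatsApp's code).
function seal(key, text) {
  const iv = crypto.randomBytes(12);
  const c = crypto.createCipheriv('aes-256-gcm', key, iv);
  const ct = Buffer.concat([c.update(text, 'utf8'), c.final()]);
  return { iv, ct, tag: c.getAuthTag() };
}
function open(key, { iv, ct, tag }) {
  const d = crypto.createDecipheriv('aes-256-gcm', key, iv);
  d.setAuthTag(tag);
  return Buffer.concat([d.update(ct), d.final()]).toString('utf8');
}

// Model 1: the server stores only a hash of "mysecret", but that hash is
// the AES key, so whoever can read the server's store can decrypt.
function insiderReads() {
  const storedOnServer = crypto.createHash('sha256').update('mysecret').digest();
  const onTheWire = seal(storedOnServer, 'email@example.com:Password1234'); // constructed
  return open(storedOnServer, onTheWire);
}

// Model 2: each device draws a fresh private number; only the public values
// and the ciphertext pass through the relay, and nothing secret is stored.
function endToEnd(tamper = false) {
  const alice = crypto.getDiffieHellman('modp14');
  const bob = crypto.getDiffieHellman('modp14');
  const relaySees = { fromAlice: alice.generateKeys(), fromBob: bob.generateKeys() };
  const kdf = (s) => Buffer.from(crypto.hkdfSync('sha256', s, Buffer.alloc(0), 'demo-e2e', 32));
  const aliceKey = kdf(alice.computeSecret(relaySees.fromBob));
  const bobKey = kdf(bob.computeSecret(relaySees.fromAlice));
  const box = seal(aliceKey, 'hello Bob'); // constructed message
  if (tamper) box.ct[0] ^= 1; // one bit changed in transit
  let plaintext = null;
  try { plaintext = open(bobKey, box); } catch (e) { /* authentication failed */ }
  return { sameKey: aliceKey.equals(bobKey), plaintext };
}
// Caveat: this exchange is unauthenticated; a real protocol must also verify
// that each public value belongs to the intended person.

console.log(insiderReads(), endToEnd(), endToEnd(true));
```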
Because of the mathematical complexity of the shared secret, the processing grows every time a party is added to communication i.e. WhatsApp group calls and Zoom multi-user meetings. This is the reason there is a limit to how many participants could be part of an e2e encrypted group chat/meeting.
Why are we discussing DHM here? Because it was the foundation upon which the Signal protocol was based, whose implementation is used by WhatsApp (+ Skype and now also Facebook Messenger) to call itself an end-to-end encrypted platform.
Based on the Signal protocol, Open Whisper Systems developed an Android app called TextSecure, which was renamed to Signal in 2015. Signal's creator, Moxie Marlinspike, previously worked with the Twitter security team. Open Whisper Systems helped Facebook, WhatsApp, and Google in adopting end-to-end encryption in their messaging systems.
Why may WhatsApp’s use of end-to-end encryption no longer matter?
Soon after WhatsApp announced it may share data with Facebook, Elon Musk tweeted:
It doesn’t store our message content at all. Maybe, it never did.
It’s highly unlikely it ever stored message content. The reason is not privacy but server + bandwidth capacity which is directly (sometimes nonlinearly) coupled with cost overruns.
Which company will pay a fortune to the cloud, only to store petabytes of users’ Hellos and Miss Yous, only to get into devastating privacy lawsuits?
To make it economically viable to store users’ messages, one has to create a dedicated messenger used by billionaires only.
What matters to users of WhatsApp is the information at the bottom: Connections. It doesn’t say it doesn’t store them, and it never said so, I believe. And it was OK because it was (at least publicly) never monetized.
Now, with the disclosure, your WhatsApp connections, just like your Facebook friends, are the property of Facebook.
WhatsApp always stores your message and call logs. If you delete your text message, it still stores the message timestamp. This means that your communication never goes untraced.
Facebook Messenger can read your WhatsApp messages already:
Not that it’s doing it already. But with its app architecture, it’s possible.
This might come as bizarre. But it’s true.
In the iOS ecosystem (and I am sure this is possible on Android too), through a mechanism called app groups, it is possible to share an app's client DB across apps belonging to the same app group (i.e. organization).
End-to-end encryption is great, but it is not yet fully available in Facebook Messenger by default.
If you aren’t convinced, read this super-helpful article about how WhatsApp messages were stored unencrypted on an iOS device and are vulnerable to being accessed by Facebook Messenger via the app group mechanism. (Neither the source article nor I claim it is already happening.)
The diagram below shows a WhatsApp iOS chat database (possibly also shared by Facebook messenger) where everything including your phone number and text message content is stored in plaintext!
Step 1: Through app groups, Facebook Messenger has access to billions of WhatsApp messages in an unencrypted state.
Step 2: Facebook Messenger can upload them to Facebook servers, without end-to-end encryption in place.
Even if Facebook makes it the default tomorrow, no one knows what would happen with billions of WhatsApp messages already stored in plaintext in the last 6 years.
WhatsApp Messages aren’t the most private thing you should worry about:
A potential scenario that Facebook could use:
You are the #1 toy reseller in your small town making enough profit. Your USP is a highly creative and genius toymaker in a nearby village no toy company knows about. You make a small fortune in your town with your not-so-vehemently kept secret.
You use WhatsApp to chat with your supplier frequently. With its gigantic AI, it’s quite easy for Facebook to infer he could be your business associate, based on your communication pattern. This is more likely now than ever since Facebook knows all your friends and relatives from its own database.
What happens when some billionaire toymaker buys Facebook ads targeted to your town? Your genius toymaker would appear as a supplier suggestion to the Facebook customer with a bigger pocket. Your entire business is gone.
Talk about Facebook holding a savior banner for small and medium business owners.
For anyone who believes this is speculative fear-mongering, simply go to the Facebook ad-creation portal and see the options at your disposal. Even with encrypted messaging, your conversation history is much more revealing about your business secrets than your messages and phone numbers.
Police only access your call history when you are a suspect in a crime. Facebook isn’t police. It has data. It has tools to visualize it in a much more meaningful manner. The above scenario is my imagination, and the probability of it being one in a million is quite near to 1.
WhatsApp payment app was launched in India and is now operating in Brazil too. With millions of resellers in developing countries who are mostly hapless about privacy even being an issue, the effect is devastating.
End to end encryption is more about security than privacy. We are protected against unknown actors but have no control over what known actors will do.
With no legal programming rulebook to dictate rules of ethical data collection and interpretation, bad businesses would inevitably delay the point in time when users could control what happens to their data as soon as it leaves their fingertips.
With WhatsApp about to mingle its gigantic phonebook with Facebook, the possibilities are enormous. But not unpredictable.