Most people believe that end-to-end encryption is the ultimate way to protect your secret communication from snooping, and it does, but it can be intercepted if not implemented correctly.
After introducing “end-to-end encryption by default“, now WhatsApp has become the world’s largest secure messaging platform with over a billion users worldwide.
But if you think your conversations are completely secure in a way that no one, not even Facebook, the company that owned WhatsApp, can intercept your messages then you are highly mistaken, just like most of us and it’s not a new concept.
Here’s the kick: End-to-end encrypted messaging service, such as WhatsApp and Telegram, contain a backdoor that can be used, if necessary, by the company and of course hackers, or the intelligence agencies to intercept and read your end-to-end encrypted messages, and that’s all without breaking the encryption.
And that backdoor is — TRUST.
No doubt most of the encrypted messaging services generate and store private encryption key offline on your device and only broadcast the public key to other users through the company’s server.
Like, In the case of WhatsApp, we have to trust the company that it will not alter public key exchange mechanism between the sender and receiver to perform man-in-the-middle attack for snooping on your encrypted private communication.
Tobias Boelter, security researcher from the University of California, has reported that WhatsApp’s end-to-end encryption, based on Signal protocol, has been implemented in a way that if WhatsApp or any hacker intercepts your chats by exploiting trust-based key exchange mechanism, you will never come to know if any change in encryption key has occurred in the background. YES, that’s possible.
Suppose user A and B want to chat, and for which WhatsApp has automatically exchanged their public keys through its server.
Now every message sent from user A will get encrypted using the private key of A and the public key of B, which can be decrypted by user B only, using the public key of A and the private key of B.
Suppose: User B is offline, and user A has sent some messages to user B. But meanwhile, for some reason, the user B had to change the device and reconfigured same Whatsapp account on it. A fresh installation will force user B to re-generate new public and private keys pair for the same account.
And, later, whenever user B will come online again, the device will receive rest of the undelivered messages sent by A.But How user B can decrypt messages, which were supposed to be encrypted using the old public key of B?
That’s because, when user B comes online again, Whatsapp automatically exchange new keys b/w users without informing them and to successfully deliver same messages, WhatsApp of A will re-encrypt them using the newly received public key of B.
This is where the backdoor relies in the whole mechanism!
If a hacker (suppose user C) intentionally replace the public key of B with its own, all undelivered messages will get automatically re-encrypted and delivered to C, which can only be decrypted by private key of user C (hacker). And It’s a well-known fact that usability and security are inversely proportional to each other, and choosing usability over security doesn’t end well.
“WhatsApp has implemented a backdoor into the Signal protocol, giving itself the ability to force the generation of new encryption keys for offline users and to make the sender re-encrypt messages with new keys and send them again for any messages that have not been marked as delivered. The recipient is not made aware of this change in encryption.” The Guardian reports.
However, users can receive notifications when security codes change, only if “security notifications” option has been turned ON manually from the app settings.
Meanwhile, Fredric Jacobs, who was iOS developer at Open Whisper Systems, also reacted on twitter and admitted that “if you don’t verify keys Signal/WhatsApp/… can man-in-the-middle your communications,” however he also added, “It’s ridiculous that this is presented as a backdoor. If you don’t verify keys, authenticity of keys is not guaranteed. Well known fact.”
Note that this backdoor has nothing to do with the Signal encryption protocol, created by Open Whisper Systems. It’s one of the most secure encryption protocols if implemented correctly.