Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Privacy

No Backdoor, but WhatsApp Can Snoop Encrypted Conversations

A report emerged on Friday that the popular mobile messaging app WhatsApp packs a backdoor allowing its operator (Facebook) to tap into users’ end-to-end encrypted conversations, but experts have refuted the claim as an exaggeration and F.U.D.

A report emerged on Friday that the popular mobile messaging app WhatsApp packs a backdoor allowing its operator (Facebook) to tap into users’ end-to-end encrypted conversations, but experts have refuted the claim as an exaggeration and F.U.D.

WhatsApp’s end-to-end encryption relies on encryption keys exchanged between a sender and recipient and, while the platform could essentially read encrypted messages if the keys change and the people engaged in a conversation don’t verify the exchanged keys, this isn’t a backdoor, but rather a design choice.

The WhatsApp platform, one of the most popular mobile messaging services out there, uses Open Whisper Systems’ acclaimed Signal protocol for encryption. The manner in which the protocol has been implemented constitutes a backdoor that allows WhatsApp to read user messages, The Guardian reported.

For a long time, Facebook said that no one could tap into these conversations, and even claimed to have rolled out improved end-to-end encryption capabilities for WhatsApp following the Apple-FBI spat last year. According to this recent report, however, that’s not true, given that a “backdoor” provides the company with access to private conversations and potentially impacts over one billion users.

The “backdoor” was reportedly discovered by Tobias Boelter, a cryptography and security researcher at the University of California, Berkeley, The Guardian says.

The protocol was implemented in such a way that it would allow WhatsApp to force the generation of new encryption keys when a message is sent to an offline user, and to also have the message re-encrypted using these keys, and re-sent.

These keys are issued without the sender’s or recipient’s knowledge, but only for messages that haven’t been yet marked as delivered. However, the recipient has no knowledge of this change, although the sender receives a notification, but only if they have opted-in to encryption warnings in Settings, and only after the message has been re-sent.

Claiming that the implementation actually represents a backdoor, The Guardian says that “this re-encryption and rebroadcasting effectively allows WhatsApp to intercept and read users’ messages.” Users fearing government surveillance are even advised to stop using the service immediately.

Advertisement. Scroll to continue reading.

According to Austrian penetration tester David Wind, the implementation doesn’t actually constitute a backdoor, although it allows for man-in-the-middle attacks and communication snooping. But such attacks are possible only when the sender and recipient “do not verify the fingerprints of the exchanged keys,” he says.

Based on Signal’s protocol, WhatsApp uses the Trust on first use (TOFU) concept for communication, meaning that, following initial exchange, a key is trusted as long as it doesn’t change. By default, Signal blocks the outgoing messages altogether when the key material changes, and doesn’t send new messages until the key has been manually verified. WhatsApp only notifies users of the change.

“Yes that’s true, WhatsApp is able to force the user to generate new keys,” Wind told SecurityWeek in an emailed response. “WhatsApp is able to issue a new public key to the user, where they have the private key for and therefore they would be able to generate the message encryption keys. Therefore they would be able to decrypt the messages. The problem with WhatsApp is that it send the message even when the keys change – Signal does not send the message when the key material changes.”

“But again, like I explained in my post: WhatsApp is closed source so nobody really knows what they are doing behind the scenes. It could be possible that the key verification of WhatsApp is in a way manipulated, that if a certain key is used (the one which WhatsApp uses to intercept messages), the key verification does not report anything bad. I don’t know it and I don’t believe it but it would be possible,” Wind also told us.

The issuance of new keys, however, can’t be considered a backdoor, mainly because this is a default setting of WhatsApp.

“If WhatsApp wanted to implement a backdoor, they would have done it in another way, they would have done it in a way which is more ‘silent’, I think,” Wind told us.

The researcher also notes that users can opt-in to be notified when the key material changes. One thing that users should keep in mind, however, is that a provider “always has the ability to intercept messages as long as the user does not verify fingerprints,” Wind says.

Former iOS developer at Open Whisper Systems Fredric Jacobs also points out that this is how the system was designed to work: “If you don’t verify keys, authenticity of keys is not guaranteed. Well known fact.”

According to WhatsApp, however, it chose to implement the protocol this way because users change devices, reset them, or simply go offline often. By re-issuing keys and re-sending messages, WhatsApp ensures that conversations can continue between two people on its platform, the company says. 

Responding to an email inquiry, a WhatsApp spokesperson told SecurityWeek that the design decision in WhatsApp prevents people from losing millions of messages and is by no means a backdoor.

“The Guardian posted a story this morning claiming that an intentional design decision in WhatsApp that prevents people from losing millions of messages is a ‘backdoor’ allowing governments to force WhatsApp to decrypt message streams. This claim is false,” the spokesperson told us.

“WhatsApp does not give governments a ‘backdoor’ into its systems and would fight any government request to create a backdoor. The design decision referenced in the Guardian story prevents millions of messages from being lost, and WhatsApp offers people security notifications to alert them to potential security risks. WhatsApp published a technical white paper on its encryption design, and has been transparent about the government
requests it receives, publishing data about those requests in the Facebook Government Requests Report,” spokesperson continued.

While user’s conversations might remain secure on WhatsApp, other data the application collects on them isn’t. Last year, the platform revealed that it shares user data with Facebook, and Germany took a stance on it in September. The data sharing between WhatsApp and Facebook raised concerns regarding user privacy and is likely to continue do so until the company ends it.

Written By

Ionut Arghire is an international correspondent for SecurityWeek.

Click to comment

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Gain valuable insights from industry professionals who will help guide you through the intricacies of industrial cybersecurity.

Register

Join us for an in depth exploration of the critical nature of software and vendor supply chain security issues with a focus on understanding how attacks against identity infrastructure come with major cascading effects.

Register

Expert Insights

Related Content

Artificial Intelligence

Two of humanity’s greatest drivers, greed and curiosity, will push AI development forward. Our only hope is that we can control it.

Cybersecurity Funding

Los Gatos, Calif-based data protection and privacy firm Titaniam has raised $6 million seed funding from Refinery Ventures, with participation from Fusion Fund, Shasta...

Privacy

Many in the United States see TikTok, the highly popular video-sharing app owned by Beijing-based ByteDance, as a threat to national security.The following is...

Privacy

Employees of Chinese tech giant ByteDance improperly accessed data from social media platform TikTok to track journalists in a bid to identify the source...

Mobile & Wireless

As smartphone manufacturers are improving the ear speakers in their devices, it can become easier for malicious actors to leverage a particular side-channel for...

Application Security

Open banking can be described as a perfect storm for cybersecurity. At one end, small startups with financial acumen but little or no security...

Government

The proposed UK Online Safety Bill is the enactment of two long held government desires: the removal of harmful internet content, and visibility into...

Cloud Security

AWS has announced that server-side encryption (SSE-S3) is now enabled by default for all Simple Storage Service (S3) buckets.