For more than a decade, WhatsApp has been the trusty sidekick for people worldwide. But what sets WhatsApp apart in this sea of messaging apps is its shield of security and privacy. This shield is the impenetrable fortress of End-to-End Encryption (E2EE), a cryptographic wizardry that thwarts man-in-the-middle attacks to ensure your conversations remain confidential and secure. Today, E2EE has become the secret ingredient for cutting-edge communication apps.
In this blog post, we’ll cover the most imperative concepts behind WhatsApp’s foolproof privacy, End-to-End Encryption (E2EE). We’ll also dive deep into how WhatsApp works and cover aspects like how it syncs your chat and data across multiple devices.
End-to-End Encryption (E2EE): A Bird’s Eye View
E2EE is a cryptographic technique that encrypts data in such a way that only the intended recipients can access that data. Unlike traditional encryption, where data can be decrypted at multiple points along its journey, E2EE ensures that messages remain encrypted from sender to receiver and can only be decrypted by the recipient and no one else, not even the service provider.
Understanding E2EE with an Example
Let’s dig deeper into E2EE and understand each step of the process using an example.
Say you’re Bob (the sender) and you’re sending a personal message to your friend, Alice (the receiver) using a messaging service provider. You want to ensure that only Alice can read it, even if the message is intercepted by someone else.
Exchanging Keys
The messaging service provider generates a pair of keys for both the sender Bob and the receiver, Alice. One of these keys will be a public key, and another one, a private key. The private key is guarded whereas the public key is available openly. Bob shares their public key with Alice and vice versa. These public keys are used to encrypt your message.
Encrypting the Message
Your message to Alice is now encrypted using Alice’s public key via a process called asymmetric encryption. It’s a lot like putting the message in a locked box that only Alice’s private key can unlock. Even if someone intercepts the message, they can’t make sense of it without the key.
Message Transmission and Decryption
Your encrypted message travels through the digital realm. When your encrypted message reaches Alice, Alice uses its private key – the exclusive key – to unlock the box and reveal the hidden message. Alice now see your message which remained confidential throughout its journey.
The Magic of E2EE
E2EE’s magic lies in the fact that only Alice’s private key can decode the message, and that key never leaves their possession. Not even the message provider has access to it. This ensures that even if hackers or snoops intercept the message, they can’t decipher it without the private key.
This is the base of how a platform like WhatsApp encrypts messages such that no one other than the sender and the recipient can read the messages.
WhatsApp’s E2EE
WhatsApp’s end-to-end encryption (E2EE) is built on the Signal Protocol, designed by Open Whisper Systems. This protocol ensures that when you send messages, photos, or videos to someone, everything is locked in a secure encryption box, and only the intended recipient has the keys to open it.
Every device and conversation has its own unique encryption keys. So, if somehow one device’s keys are compromised, your other devices remain safe. It’s like having unique locks for each door in your house.
When you switch devices, your conversation history is also encrypted making sure your past conversations remain safe.
We’ll discuss the exact mechanics of message transmission and E2EE in detail later. All the technical details in this article are a simplified abstraction of WhatsApp’s security whitepaper. You can dig deeper in the whitepaper to understand in-depth how encryption works in WhatsApp.
Role of Phone Number
The primary data point that identifies a user to a WhatsApp account is their phone number. WhatsApp links your phone number to your device, acting as a form of user identification.
Registration and Devices
The first time you register a device on WhatsApp or sign in, WhatsApp stores your phone number alongside a bunch of keys. This device is also known as the Primary Device. A primary device can only be an Android or an iPhone device.
Every other device you use WhatsApp on except the primary device is called a Companion Device. This could be your laptop or iPad where you access WhatsApp or any other device where you use WhatsApp web.
Public Keys
When you install WhatsApp, the following public keys are generated –
- Identity Key Pair is unique for every device and is used to verify the sender’s identity
- Signed Pre Key which is signed by the identity key and rotated on a periodic timed basis and plays a role in secure communication
- A One-Time Pre Key for one-time use which is replenished as needed, used to derive session keys
When WhatsApp registers your primary device for the first time, it creates and stores all the public keys on its own servers. These keys are also associated with the user’s identifier, i.e., their phone number.
Role of OTPs
To prevent unauthorized access, an additional layer of security is provided by One-Time Passwords (OTPs). When you set up WhatsApp on a new device, an OTP is sent to your registered phone number, ensuring that only the person with access to your phone can complete the setup process.
Setting Up & Creating Secure Sessions
When you send a message on WhatsApp, your device establishes a secure connection with the recipient’s device. In order to create a secure session, your device asks WhatsApp’s servers for public keys for you and your recipient’s devices.
Your device checks these keys to make sure they are secure and valid. Each key is accompanied by a digital signature. Your device uses these signatures to verify that the keys haven’t been tampered with during transmission. It also checks if the keys match the metadata about you stored on WhatsApp’s servers.
Then, it starts creating a secure session with each of your recipient’s devices.
This secure connection is unique for each device, so even if you chat with someone on multiple devices, each one has its own private channel.
Only in situations where you’re reinstalling the app or changing devices, you might need to rebuild these secure sessions. Otherwise, it’s only a one-time process.
Sending and Receiving Messages
Once the secure sessions are set up, you can start sending messages. Let’s break down how messages are exchanged securely on WhatsApp in simpler terms:
Message Encryption
A special message key is used to encrypt your messages using advanced encryption (AES256 in CBC mode). This key ensures that your messages cannot be unscrambled by anyone except the intended recipient.
Moreover, to make sure messages are genuine and not tampered with, they are also tagged with a special code called HMAC-SHA256 for authentication. This code ensures the message hasn’t been altered during transmission.
If you’re chatting with someone who has multiple devices (like a phone and a tablet), each message is separately encrypted for each of their devices.
For added security, the key used to encrypt messages (the Message Key) changes for every message. This means that even if someone somehow gets hold of an old key, they can’t use it to read new messages.
The Message Key comes from something called a Chain Key. This Chain Key keeps “ratcheting” forward with each message sent. Think of it like turning a key in a lock – it changes with each message. There’s also some complex math (ECDH agreement) happening in the background to create a new Chain Key for each message roundtrip.
Client-Fanout
Further, WhatsApp uses something called “client-fanout”. It is a technique to efficiently transmit messages to multiple devices associated with a user’s account. It ensures that messages sent to a user are correctly delivered to all their connected devices while maintaining end-to-end encryption by sending separate messages to each of your recipient’s devices.
All messages are encrypted using the same methodology regardless of their nature. So if you’re sending multi-media like images, videos, audio, location, etc. They’re also encrypted in the same manner.
Thus, WhatsApp doesn’t just secure text messages; it also extends E2EE to multimedia content. When you send an image, audio clip, or video, the content is encrypted before transmission and decrypted only on the recipient’s device.
Receiving Messages
When the recipient receives your message, they use the device’s private keys in combination with the sender’s public keys to unlock and read the message. They also create new keys for the next message.
Syncing Messages on Multiple Devices
One of WhatsApp’s unique features is its ability to sync messages across multiple devices while maintaining E2EE. Let’s understand how each step happens.
Before any interface is established between the two devices, we need to know that just like a primary device, a companion device also has its own public identifier key. Let’s call the companion device public Identity Key (Icompanion). This key is further used to create a special secret key (Lcompanion) for linking purposes. Importantly, Lcompanion is never sent to WhatsApp’s servers and is only stored locally.
Scanning the QR Code
When you first connect a new device, like WhatsApp Web, to your main WhatsApp device, you do it by scanning a QR code. Your main device scans the QR code on the new one and gets a special key, called
Lcompanion
. It saves this key. Now, your main device can recognize and connect with the new device using
Lcompanion
.
Creating Linking Data & Account Signature
In the next step, the primary device generates something called Linking Metadata (Lmetadata). It also creates a special Account Signature (Asignature) by using its private key to sign a combination of Iprimary, Lmetadata, and Icompanion. This signature is like a seal of approval for the companion device. It also generates a Device List Signature (ListSignature) for the updated device list.
The primary device packages all this data, including Lmetadata, Iprimary, and Asignature, into something called Linking Data (Ldata).
Storing Data in WhatsApp Servers
The primary device then creates a special code (HMAC) called PHMAC using Lcompanion and Ldata to ensure the process is secure. It can now send all this information, including ListData, ListSignature, Ldata, and PHMAC, to WhatsApp’s servers through a secure connection.
WhatsApp’s servers store the updated device list (ListData) and the device signatures (ListSignature). They then forward Ldata and PHMAC to the companion device.
Companion Verification
The companion device checks PHMAC for security, decodes Ldata to get Lmetadata, Iprimary, and Asignature, and verifies the Asignature to confirm that it’s from the primary device.
It also saves the Linking Metadata and the primary device’s Identity Key (Iprimary) to its memory.
Companion Device Signature
The companion device then creates a Device Signature (Dsignature) for itself, which is like its own seal of approval. It uploads this data, including Lmetadata, Asignature, Dsignature, Icompanion, and some other keys, to WhatsApp’s servers.
WhatsApp’s servers store all this uploaded data linked to your account and the specific device. At this point, data is synced between the two devices. This process happens between any N number of devices that a user uses for sending and receiving messages.
E2EE in Group Chats
Much similar to how E2EE works between a sender and a recipient, the same methodology is extended between multiple senders and multiple recipients in a group chat. Let’s explore this process step by step.
Initial Group Chat Setup
When someone sends a message to a WhatsApp group for the first time, a special secret key called a “Sender Key” is created for the group. This key is securely sent to each member of the group using the secure individual sessions we talked about earlier. This Sender Key is used to encrypt the message and make sure it’s only readable by the group members.
Sending Messages After Setup
After the Sender Key is set up, sending messages to the group becomes more efficient and secure. The sender uses the Chain Key to create a new Message Key for each message. Then, they use this Message Key to encrypt the message and sign it to make sure it’s authentic. This part is very similar to how messages are sent in general on WhatsApp securely using a unique encryption key for each message.
The sender sends this encrypted message to the WhatsApp server, and the server takes care of sending it to all the members of the group.
What if someone leaves the group?
To keep things safe, if someone leaves the group, all the group members refresh their Sender Key and start over. This way, even if someone leaves, the group’s messages remain secure. The same happens if someone else joins the group when the group already has a chat history.
How E2EE Backups Work
From personal conversations to group chats to backups, WhatsApp secures everything end-to-end.
How Backups are Encrypted
WhatsApp creates digital locks for your backups. When you enable E2EE backups, your backups get encrypted with a unique key. Once encrypted, they can be stored safely outside your device (like on iCloud or Google Drive).
Backups are Password Protected
Moreover, you can also choose to protect the backup encryption key with a custom password. When you want to access your backup, you can use your encryption key or your password. If you use your password, it’s checked by the secure vault. After a few wrong attempts, it locks you out to protect your data. This is extremely helpful in case someone is trying to brute-force crack your backups.
In order to access a password-protected backup, WhatsApp figures out the key from your password, and then this key is used to unlock and access your backups.
You can learn more about E2EE backups in-depth here.
Conclusion
End-to-end encryption lies at the heart of WhatsApp’s commitment to user privacy and security. By employing cryptographic techniques, WhatsApp ensures that your messages, media, and even group chats remain private, even when synced across multiple devices. As we continue to embrace technology, understanding the mechanisms that protect our personal data becomes increasingly important.
Remember, security is a shared responsibility. Regularly updating your app, using strong, unique passwords, and being cautious about sharing personal information contribute to maintaining the integrity of E2EE.
