End-to-end encryption is a key feature of WhatsApp’s chat threads, helping users to keep their conversations private and prevent law enforcement or hackers from reading messages. The app uses the Signal protocol to create encryption keys verified between users. A weakness in the way it generates these keys has exposed a backdoor into the app, security researchers claimed today.
In a report published in The Guardian today, Tobias Boelter, a cryptography and security researcher at the University of California, Berkeley, explained how WhatsApp can remotely generate new conversation encryption keys for existing chats. Neither of the participants in the conversation are informed and either can be offline at the time the new keys are created.
Once the new key has entered use, WhatsApp can remotely force the sender to retransmit their messages using the new encryption key. Because WhatsApp could set the key being used, it could hand a copy to law enforcement or use it to read the messages itself. The company could then obtain details of the users’ conversation, effectively intercepting the messages. According to Boelter, it’s evidence WhatsApp could comply with government requests for its data.
“If WhatsApp is asked by a government agency to disclose its messaging records, it can effectively grant access due to the change in keys,” Boelter said to The Guardian. “Using the retransmission vulnerability, the WhatsApp server can then later get a transcript of the whole conversation, not just a single message,” he added.
Facebook-owned WhatsApp now has over one billion users and is one of the most popular communications platforms worldwide. The discovery will call into question the authenticity of its security claims though. Privacy campaigners described the revelation as “a huge betrayal of user trust,” another exposure of a hidden “gold mine” for security agencies, hackers and governments.
Boelter reported the backdoor to Facebook in April 2016. The company acknowledged the issue, describing it as “expected behaviour” that wasn’t currently being worked on. The Guardian said it has verified it still exists but WhatsApp and Facebook have denied it poses any risk to users.
WhatsApp insisted the alleged vulnerability is actually a considered feature of its platform used in message delivery. The system generates new keys for offline users to prevent messages getting lost in transit when a phone is unreachable. The company actively refuted the suggestion it deliberately created the backdoor, publishing a white paper on the design of its encryption mechanisms.
“The Guardian posted a story this morning claiming that an intentional design decision in WhatsApp that prevents people from losing millions of messages is a ‘backdoor’ allowing governments to force WhatsApp to decrypt message streams,” WhatsApp said to TechCrunch. “This claim is false.”
WhatsApp pointed to an optional setting in its app that can reassure users who are concerned about its encryption. Enabling the “Show Security Notifications” setting will display an alert when the encryption key for a conversation has been changed. This makes it obvious if the “backdoor” is used, whether maliciously or to ensure message delivery.
