WhatsApp backdoor issue: The what and the how

The Guardian posted an article earlier this week which left majority of the WhatsApp users in a state of panic. The report quoted cryptography and security researcher at the University of California Tobias Boelter as claiming that due to a given “security vulnerability,” Facebook-owned WhatsApp could intercept and read encrypted messages that the users exchanged on the app.

“If WhatsApp is asked by a government agency to disclose its messaging records, it can effectively grant access due to the change of keys,” Boelter said.

What is he really referring to?

WhatsApp’s end-to-end encryption essentially relies on the generation of unique keys. This is done with the help of a Signal protocol developed by Open Whispers System, that is traded and verified between users to guarantee communications are secure and cannot be intercepted by a middleman. However, The Guardian piece describes a believable attack that WhatsApp’s given encryption system cannot stop.

Photo credit: Open Whispers System

In other words, if an attacker gained access to a WhatsApp server, he/she could forcibly reset the keys used to encrypt messages and install himself as the user thereby gaining access to the future messages exchanged between parties. Privacy campaigners feel that this vulnerability is a huge threat to freedom of speech and warned that it could even be used by government agencies as a “backdoor” to snoop on users.

However, WhatsApp rebutted these accusations. In a statement WhatsApp said that it would fight any government request to create a backdoor. “The design decision referenced in The Guardian story prevents millions of messages from being lost, and WhatsApp offers people security notifications to alert them to potential security risks,” the company added.

WhatsApp further clarified stating that the company has even published a technical white paper of its encryption design. The chatting app has been transparent about the government’s requests it receives, publishing data about these requests in the ‘Facebook Government Requests Reports.’

So where does the issue really lie?

WhatsApp’s end-to-end encryption relies on a set of keys that verify whether the sender and the receiver are, who they claim to be. But the receiver’s encryption key will change if the app is re-installed, the handset is replaced or there is a change of mobile number. In such cases, WhatsApp generates a new key for that user. During this time the sender’s encrypted messages are in a state of void, waiting to be re-sent. Once the message is re-sent, the sender is notified of the receiver’s key change.

WhatsApp’s end-to-end encryption relies on a set of keys that verify whether the sender and the receiver are, who they claim to be. But the receiver’s encryption key will change if the app is re-installed, the handset is replaced or there is a change of mobile number. (Photo credit: Open Whisper System)

The catch here is that the sender is notified of the key change only if the ‘Key Change Notification’ feature is on. The chatting app also offers users an added layer of verification through options like ‘Safety Number’ or ‘Security Code’ that both the parties can visually check and verify to know if they are using the same security code.

WhatsApp’s backdoor issue, not really an issue

Moxie Marlinspike, founder of Open Whisper Systems in contrast to The Guardian piece states, “This is something any public key cryptography system has to deal with. WhatsApp gives users the option to be notified when those changes occur.”

 “The fact that WhatsApp handles key changes is not a ‘backdoor,’ it is how cryptography works. Any attempt to intercept messages in transmit by the server is detectable by the sender, just like with Signal, PGP, or any other end-to-end encrypted communication system,” Marlinspike said.

He further states that the only reasonable question to ask in this scenario is whether WhatsApp should just delete messages in transit or hold them until a new key is generated.

What is interesting to note is that the Signal private messaging app unlike WhatsApp, isn’t vulnerable to the same attack. In the case of former, when the client detects a new key, it will block the message rather than risk sending it across, unsecured. On the contrary, WhatsApp will send that message anyway.

At the same time, American digital rights group, Electronic Frontier Foundation suggests that there is no backdoor or anything insecure about WhatsApp. “WhatsApp is not competing with Signal, but it does compete with many apps that are not end-to-end encrypted by default and don’t have to make these security trade-offs, like Hangouts, Allo or Facebook Messager.”

Safe or not?

The question is: Should WhatsApp require the user to manually verify the new key before continuing or should the app just continue without blocking the user? Either way, both the app and its users are left in a somewhat tricky situation. It is undeniably true that the messages on WhatsApp are encrypted by default, however; there is a demonstrated way for WhatsApp’s servers to break a given conversation’s encryption (as explained above). Thus, when a situation arises wherein WhatsApp comes face-to-face with uncomfortable legal demands, it would become difficult for them to not comply.

However, this does not make it a backdoor issue but simply a bad engineering decision. “End to end encryption is a good thing, but it’s really just the beginning of good security,” said Jonathan Zdziarski, a leading independent security researcher and forensics expert. “No question about it, this is good tech. But just like any tech it’s not perfect.”