WhatsApp Finishes Rolling Out End-To-End Encryption; Now Covers Group Messages, Media

from the backdoors-salesmen-en-route-to-Congress-as-we-speak dept

Tue, Apr 5th 2016 2:01pm — Tim Cushing

More good news on the secure communications front: WhatsApp has finally implemented full end-to-end encryption -- for everyone. Late in 2014, WhatsApp began rolling out its end-to-end encryption, but it was limited to one-to-one communications and did not cover messages containing media. Now, it's everything, including group messages.

This means that if any group of people uses the latest version of WhatsApp—whether that group spans two people or ten—the service will encrypt all messages, phone calls, photos, and videos moving among them. And that’s true on any phone that runs the app, from iPhones to Android phones to Windows phones to old school Nokia flip phones. With end-to-end encryption in place, not even WhatsApp’s employees can read the data that’s sent across its network.

Law enforcement -- particularly the Justice Department -- can't be pleased with this full implementation. Even if a warrant is obtained, WhatsApp cannot produce message content in response to these or other court orders. And from what we've seen, WhatsApp may be the next target of the FBI and its All Writs wrangling.

While this does have its implications for law enforcement in the US, it will likely have more of an impact in other nations where citizens are protected by fewer privacy-related rights -- which is where most of its users are located. Whether or not this will result in more futile arrests of Facebook execs remains to be seen.

As the messaging app's creators point out, even if you believe your government is basically good, you should still support (and use) encrypted communication options.

The argument can be made: Maybe you want to trust the government, but you shouldn’t because you don’t know where things are going to go in the future.”

As we've seen in the aftermath of the Paris and Brussels attacks, governments -- including their law enforcement agencies -- are often prone to expanding government power and weakening citizens' rights. It only takes one successful attack to send a nation down previously unimaginable paths. Might as well have your communications protected just in case. And, as for law enforcement's sudden "lack" of access? It might help to keep in mind that people chatted for hundreds of years without creating permanent records of their conversations and criminals were somehow still arrested and punished.

Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community.

Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis.

While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.

–The Techdirt Team

Filed Under: encryption, fbi, messaging, privacy
Companies: whatsapp

19 Comments

If you liked this post, you may also be interested in...

Reader Comments

Subscribe: RSS

View by: Time | Thread

Anonymous Coward, 5 Apr 2016 @ 2:17pm

Of course since the app is closed source we'll just have to take their word for it!
[ link to this | view in chronology ]
- Anonymous Coward, 5 Apr 2016 @ 3:00pm
  
  Re:
  I can't imagine why anyone would have any trouble taking Facebook's word for something!
  [ link to this | view in chronology ]
- JBDragon (profile), 5 Apr 2016 @ 4:36pm
  
  Re:
  No Encryption is 100% perfect. You can find holes in the weak spots. It just can't be 100% encrypted. Otherwise it wouldn't run. People wouldn't be able to read their messages, etc.
  
  There's Pro's and Con's to Open Source and Closed Source. It's a Messaging App. If the FBI breaks in, what are they going to see that you care about? Does it have Nude Pictures of your Girlfriend? Medical History? Banking Info? So on and So on like a Smart phone??? Is someone going to steal your personal Identity breaking into Whatsapp?
  
  If what you're texting is really important that you don't want anyone or any Government to see and read it, maybe Whatsapp isn't the one to use. Especially being Facebook owned!!! It's almost as bad is Google which flat out is a Advertising Company. All they do is spy on everything you do.
  
  While iMessage is Encrypted and always has been, anything part of iCLoud, Apple still has the keys for and can get into that Data for the FBI. At least for now.
  [ link to this | view in chronology ]
This comment has been flagged by the community. Click here to show it

Anonymous Coward, 5 Apr 2016 @ 2:59pm

Sweet, more Facebook fluff from TD!
[ link to this | view in chronology ]
Roger Strong (profile), 5 Apr 2016 @ 3:05pm

As I've said before, instead of calling it encryption we should be calling it Digital Rights Management. Which it is; it's just that it's the user who manages the rights to the encrypted data.

That way the FBI and others who declare jihad against encryption would be declaring jihad against DRM.
[ link to this | view in chronology ]
- JBDragon (profile), 5 Apr 2016 @ 5:20pm
  
  Re:
  I like your thinking.
  [ link to this | view in chronology ]
Papa Bogdan, 5 Apr 2016 @ 3:33pm

How are they unable to decrypt messages?
Whatsapp is encrypting messages for storage and then decrypting messages so users can read them ... so given a court order, how are they unable to comply? Is the app creating a unique 256-bit key on each client system? Does that mean my Android Whatsapp is unable to decrypt messages made by my iPhone Whatsapp? Since that's likely not the case, Whatsapp's servers contain all these keys.
[ link to this | view in chronology ]
- Anonymous Coward, 5 Apr 2016 @ 4:25pm
  
  Re: How are they unable to decrypt messages?
  What Whatsapp claims is that the messages are indeed encrypted using keys held only by the endpoints. This should mean that you can't read the messages on any other device.
  
  Apple gets around this with its Messages app by encrypting the key against your AppleID so that while the encryption key might ineed reside on their iCloud server, they can't decrypt the key to use it without knowing your password. Each device that uses that iCloud account has to register and get its own signing tokens.
  
  Whatsapp could theoretically do this too, but I highly doubt that they have. Someone who runs it on both an Android device and an iOS device could probably clarify one way or the other.
  [ link to this | view in chronology ]
Anonymous Coward, 5 Apr 2016 @ 4:25pm

The NSA may already control the servers, so they don't need to worry about the encryption part.
[ link to this | view in chronology ]
- nasch (profile), 6 Apr 2016 @ 9:46am
  
  Re:
  The NSA may already control the servers, so they don't need to worry about the encryption part.
  
  With end to end encryption, intercepting the message doesn't help. It doesn't matter what server they have compromised, they still wouldn't be able to read any messages. They would have to compromise end user devices.
  [ link to this | view in chronology ]
Anonymous Coward, 5 Apr 2016 @ 4:26pm

>Is the app creating a unique 256-bit key on each client system?

From the description, there would have to be a distinct (not necessarily-256-bit) key for each person and each group. The personal key might well be a public-key scheme.

So the process might go something like:

Alice wants to create a group. She creates a local key for it. The server doesn't know that key, just knows that there is a group.

Alice sends Bob an invite to the group, including the group key, encrypted via Bob's public key. The message travels through the server encrypted end to end.

Now Alice and Bob can create content, encrypt it locally using the shared group key, and upload to the server. Anyone invited into the group can download that content from the server, decrypting it locally.

I'm sure professionals could come up with something more sophisticated, and better protected from off-server attacks. And, of course, this is all still trusting the server to honestly transmit public keys between users (it could execute the usual man-in-the-middle attack under some circumstances.)
[ link to this | view in chronology ]
- Ninja (profile), 6 Apr 2016 @ 4:02am
  
  Re:
  If you use the public key to transfer the private ones and then destroy the data transferred then it should be mostly ok. Even if the public key is compromised, groups that were created before will be safe. I think it's a good solution to implement end-to-end encryption without requiring much crypto knowledge from the users. Sure it doesn't offer the best end-to-end security possible but it's enough to make Govt abuse and criminal activity against the users quite harder.
  [ link to this | view in chronology ]
Anonymous Coward, 5 Apr 2016 @ 5:09pm

Between you and your app is a hardware layer. As good as that app may be, it cannot prevent this often-compromised-by-default layer from also transmitting unencrypted keystrokes behind your back to the PTB.
[ link to this | view in chronology ]
Hans, 5 Apr 2016 @ 5:35pm

But, but, but...
Going Dark! (TM)
[ link to this | view in chronology ]
blahblah, 5 Apr 2016 @ 7:04pm

Content is king!
"Even if a warrant is obtained, WhatsApp cannot produce message content in response to these or other court orders."

Yes they can. The only catch is the content will be encrypted.
[ link to this | view in chronology ]
That One Guy (profile), 6 Apr 2016 @ 1:05am

And they have only themselves to blame...
Of course the best part about this whole push towards stronger encryption, encryption by default, and encryption that companies cannot themselves crack is that it was primarily in response not to the actions of your average criminals but the actions of governments and police showing absolutely no restraint and grabbing everything that they could, just because they could.

Once it became clear that those that were supposed to be protecting the public had absolutely no interest in protecting the privacy and security of the public, and in fact seemed more interested in undermining both, companies and individuals stepped in to do it themselves, leading to cries of 'Not fair!' and 'You're not allowed to do that!' from the voyeurs that are suddenly finding their easy access to private data at risk.
[ link to this | view in chronology ]
mike acker, 6 Apr 2016 @ 5:15am

Intel Management Engine
the security battle is shifting into the firmware

AMD has this too: Platform Security Processor

stuff is related to UEFI

it will appear in ARM as sure as sunrise as various commercial and government interests will hike through hell before they give up access to, and control over computers and networks
[ link to this | view in chronology ]
Anonymous Coward, 6 Apr 2016 @ 5:57am

Not necessary to create a Group Key
From the description, there would have to be a distinct (not necessarily-256-bit) key for each person and each group. The personal key might well be a public-key scheme.
Not necessarily, it would seem quite possible that the sender could send individual messages to EACH of the group members using their public key. This way you don't need a key for each group (a group is just multiple individuals).
[ link to this | view in chronology ]
- Eldakka (profile), 6 Apr 2016 @ 7:02pm
  
  Re: Not necessary to create a Group Key
  The problem with your approach tho is that if you had, say, a group of 50 people, this would mean you'd have to encrypt a single message 49 times, once for each member (apart from yourself).
  
  Encryption is quite an expensive process, running encryption across say a 1MB jpeg 49 times would be very expensive.
  
  Having a unique encryption key just for that group chat, with each group member having a copy, means a single encryption process for every member to receive an encrypted message.
  [ link to this | view in chronology ]