WhatsApp adds secure message encryption
WhatsApp recently announced that it has added end-to-end encryption to all its messages. We previously looked at how governments spy on your mobile but what is the implication of this change for the over one billion people who use the application? And what does encryption actually mean?
Seen in the light of the recent battle between Apple and the FBI to give the security agency access to private messages and information, this is a significant move by the Facebook-owned company. It means that WhatsApp are physically unable to give third parties access to messages, images, and even voice recordings since the messages are encrypted and the company has no access to the content of these messages. The company is one of first communication platforms to offer full end-to-end encryption, which is on by default. It is likely that other companies will offer a similar service soon.
“The desire to protect people’s private communication is one of the core beliefs we have at WhatsApp, and for me, it’s personal”, said Jan Koum, one of the app’s founders who was raised in Ukraine under Soviet rule. “The fact that people couldn’t speak freely is one of the reasons my family moved to the United States,” he said on WhatsApp’s official blog page.
End-to-end encryption is the jumbling of information using a “key” to then decrypt it. What happens is that each party has a couple of keys, one which is public and one which is private. Only the sender and recipient of the message are able to see the contents of the message. True end-to-end encryption is known as “zero knowledge” which means the platform responsible for hosting the message (WhatsApp) has no knowledge whatsoever of the information contained within the message.
Users do not need to activate encryption. It happens automatically and also applies to WhatsApp calls. You can check if encryption is working by tapping on the message which comes up after you have sent your message. It should read as follows: “Messages that you send to this chat and calls are now secured with end-to-end encryption.” You can then view a QR code and a 60-digit number. You can also scan your QR code or compare the 60-digit number with the person you are chatting with. We’d also recommend updating your security settings so all security messages are displayed – this might help you avoid man in the middle attacks that could compromise your communications.
The decision to enable end-to-end encryption on all WhatsApp communication has not met universal approval. Many governments are unhappy that there is no way to access private messages and in the UK politicians have proposed banning the technology or forcing companies to install backdoors that would weaken the security so that messages can be read by spies.
Of course, this shows an alarming level of technical illiteracy and failure to think through consequences by politicians. Not only will intentionally weakening encryption technology have severe and troubling repercussions for the functioning of the internet as a whole, it is trivial for anyone with nefarious intentions to simply switch to other, mathematically-proven, encryption algorithms and it will only weaken the security of normal people.
Recent Comments