The authors of the cryptographic part of WhatsApp, the company Open Whisper Systems, officially
announced the subject. Earlier, we
wrote several times about WhatsApp and indicated that it significantly loses in security to such a messenger as Telegram, not to mention Signal. WhatsApp itself has already supported end-to-end encryption, but only for Android (since 2014). Its integration for Android was also handled by Open Whisper Systems, whose experts are also authors of Signal. From today, WhatsApp
supports full end-to-end encryption not only for Android, but also for iOS, Windows Phone, and Blackberry OS.
To implement the encryption mechanism in WhatsApp, the Signal messenger library is used, which is considered to be one of the safest today and has received the maximum security
ratings of the EFF organization. The use of the above-mentioned library for end-to-end encryption ensures that data on the intermediate server is not only not decrypted, but also does not store any metadata information by which interlocutors can be identified.
')
All communication between whatsapp servers and whatsapp servers is encrypted. On-line phone, iPhone, Android and those users who want to use a wireless network for audio and video conferencing.
WhatsApp Encryption Overview
WhatsApp communication across all WhatsApps. This includes chats, chats, voice notes, voice notes, and voice calls across Android, iPhone, Windows Phone, Nokia S40, Nokia S60, Blackberry, and BB10.
WhatsApp's Signal Protocol integration is now complete
As the annotation shows, encryption is applied to all content that is sent, including, chats, group chats, attachments, voice notes, and voice calls.
However, the peculiarity is that the innovation is available in the new version of the messenger, which means that its older versions
should be updated to this version.
Fig. An application warning on iOS that indicates an outdated WhatsApp version of the recipient.
Fig. Setting up encryption in the new version of WhatsApp.
Properties of the encryption mechanism used:
- Very fast process of setting up a secure connection between the parties and starting after a pause.
- Metadata of connection is subject to encryption, which hides such service information from prying eyes. The transfer does not disclose any information about the parties to the connection.
- WhatsApp server does not store client authentication data. The parties authenticate themselves using a key pair (key pair) of Curve25519. The server stores only the public keys of the parties. Even in the case of the compromise of one of the servers of the messenger, this does not affect the privacy of correspondence.
You can read more about whatsApp end-to-end encryption mechanisms used
here .
See also
WhatsApp Security .