Things to Know About WhatApp's End-to-End Encryption
BENGALURU: Earlier this week, WhatsApp has enabled end-to-end encryption that means all the text messages, videos, pictures and voice calls are only visible to the respective users. This restricts WhatsApp, cyber-criminals and Government from peaking into the conversation even if they want to, reports IE.
The co-founder of WhatsApp, Jan Koum, posted on his Facebook page that team of engineers at WhatsApp took nearly two years to perfect this feature. “We’ve been working for the past two years to give people better security over their conversations on WhatsApp… People deserve security. It makes it possible for us to connect with our loved ones. It gives us the confidence to speak our minds. It allows us to communicate sensitive information with colleagues, friends, and others. We’re glad to do our part in keeping people’s information out of the hands of hackers and cyber-criminals,” stated in the Facebook post.
Wondering, how end-to-end encryption works?
WhatsApp leverages “Single Protocol” for encryption that is designed by Open Whisper Systems. The end-to-end encryption White Paper from WhatsApp explains the work structure of the spoken feature. “Once the session is established, clients do not need to rebuild a new session with each other until the existing session state is lost through an external event such as an app reinstall or device change,” explains the company.
“Clients exchange messages that are protected with a Message Key using AES256 in CBC mode for encryption and HMAC-SHA256 for authentication. The Message Key changes for each message transmitted, and is ephemeral, such that the Message Key used to encrypt a message cannot be reconstructed from the session,” the paper elucidates how the messages are encrypted. Further, the paper ensures the end-to-end encryption to large attachments and calls.
Unlike Telegram’s ‘secret chat’ where the users have to particularly select this option, WhatsApp’s end-to-end encryption is a standard feature that will be active at all the time. However, the users have to update the app in their Smartphones and there is no option to turn off this novel feature in the app.
Additionally, the two users have to be in the same version of WhatsApp for the encryption to work. If a user has updated the app recently and another user did not update, there are chances that the encryption of conversation may fail. When you receive a message that reads, “Messages you send to this chat and calls are now secured with end-to-end encryption. Tap for more info.” This is the portal to setup and verify the encryption for the conversation.
By tapping the message, the user gets to verify whether the feature is working or not. To process this verification, the user should have his friend next to him so he can scan the QR code from the user’s Smartphone to authenticate the user. A green tick mark appears, if the QR code matches on both the devices. If the QR code doesn’t match, it will turn into an exclamation mark signifying that the conversation is not secure.
Read Also: HP Inc Unveils Nextgen, Ultra-Secured Printers For Businesses
