WhatsApp Encryption & What It Means
WhatsApp enable end-to-end encrypted by default and all the times. This new feature will ensure that a WhatsApp user’s messages, videos, photos sent over WhatsApp can’t be read by anybody else — not WhatsApp, not cyber-criminals, not law-enforcement organizations. Even calls and group chats will be encrypted on WhatsApp. WhatsApp chats just got a lot more secure, this chat app has turned on full end-to-end encryption.
WhatsApp co-founder Jan Koum announced the update on his Facebook page; he said that the company has been working on the feature for the last two years.
We’ve been working for the past two years to give people better security over their conversations on WhatsApp. I’m proud…
Koum wrote, “We’ve been working for the past two years to give people better security over their conversations on WhatsApp… People deserve security. It makes it possible for us to connect with our loved ones. It gives us the confidence to speak our minds. It allows us to communicate sensitive information with colleagues, friends, and others. We’re glad to do our part in keeping people’s information out of the hands of hackers and cyber-criminals.”
Whatsapp says that they are using the Signal Protocol made by Open Whisper Systems to power its privacy. According to a paper released by the WhatsApp, here is how messages on this App are encrypted:
Clients exchange messages that are protected with a Message Key using AES256 in CBC mode for encryption and HMAC-SHA256 for authentication. The Message Key changes for each message broadcasted and is ephemeral, such that the Message Key used to encrypt a message cannot be rebuilt from the session.” This also relates to calls and large file attachments send over Whatsapp.
Once you hit on the message, WhatsApp has arise menu clearing up what end-to-end encryption means. Users can authenticate if the encryption is working as well. If a user taps on verify, they will be taken to a page with a QR code, chased by a string of 60 numbers. If your friend is close, take their phone scan the code from your phone, then the chat is encrypted. When the codes match, a green tick appears. When it doesn’t there’s an exclamation mark in red alerting a user that the chat is not secure.