Does end-to-end encryption remove risks?
The story so far: In recent weeks, television news channels have shared leaked WhatsApp chats of film actors in their coverage of actor Sushant Singh Rajput’s passing away. This has led to questions about whether communication over platforms such as WhatsApp is secure or not. It prompted Facebook-owned WhatsApp to come out with a statement on its use of end-to-end encryption to secure user messages.
Does WhatsApp have access to chats?
No. Since 2016, WhatsApp has installed an end-to-end encryption system, which, as its FAQ section says, “ensures only you and the person you’re communicating with can read what’s sent, and nobody in between, not even WhatsApp”.
Governments across the world see end-to-end encryption as a huge issue when it comes to law enforcement. While WhatsApp says it responds to requests from law enforcement agencies “based on applicable law and policy,” it is not clear what kind of data it would have to share. News reports have mentioned that these could be in the nature of metadata such as mobile number, IP address, location, and so on.
How is WhatsApp designed to ensure such secure communication?
WhatsApp uses the encryption protocol developed by Open Whisper Systems, a project known best for its Signal app, which also uses the same open-source framework to ensure privacy. Whistle-blower Edward Snowden’s quote — “I use Signal every day” — is prominently displayed on the application’s homepage. Many closed messaging applications now use the Signal protocol.
What is the technology behind this?
The technology that forms the basis for this is called the ‘Diffie-Hellman key exchange’. In a 1976 paper titled, New Directions in Cryptography, Whitfield Diffie and Martin E. Hellman saw the futility of the old ways of sharing a key securely (say, by “sending the key in advance over some secure channel such as private courier or registered mail”) in the emerging digital world. They proposed a way for secure communication via a method of a shared secret key, and that too when the communication is over a not-so-secure channel.
This is all about high math, but one way to understand the broad concept, used by many experts, is by way of colours. In the world of imagination, a shared secret colour is the shared secret key between two communicators, who we will call A and B. (There are many versions of this example on the Internet.) A and B need to communicate without anyone eavesdropping. They first agree on a public colour (say, yellow). The two communicators then choose their own private colour, which is not to be shared with anyone. Say A chooses red and B, blue. They then individually mix their private colour with the public colour and send the mixture to each other. Note that the eavesdroppers can figure out the public colour and the mixtures. But there is one more step. B’s mixture (some sort of green) at A’s end is added with A’s private colour (red), and A’s mixture (some sort of orange) at B’s end is added with B’s private colour (blue). They both arrive at the same secret colour after the final step. There is now a shared secret colour key.
The message that also needs to be understood is that while it is easy to add colours, it is difficult to figure out the original colours that contributed to a mixture. In the math world, that is called a one-way function. Imagine the difficulty in figuring out a key from complex mathematical computations. The Diffie-Hellman paper said: “A third party eavesdropping on this exchange must find it computationally infeasible to compute the key from the information overheard.”
Can’t those who have access to the server read messages?
End-to-end encryption removes this vulnerability. WhatsApp also says it does not store messages on its servers once they are delivered.
An earlier generation of encryption did not secure the entire channel, but secured the communication between a user and the server (of a messaging service). Once the server received a message intended for another user, it would decrypt and again encrypt it before sending it securely to the receiver. But this meant that there was a chance of security being compromised at the level of the server.
Can leaks still happen?
End-to-end encryption cannot prevent leaks from happening if a third party has access to a device which contains these messages. Encryption also does not help in cases wherein the sender or the receiver of a message shares it with others, a member of a group shares it with others, or messages are stored in a different format on a different application or platform open to others.