This week, an article by Guardian reported that Whatsapp’s encrypted messages are vulnerable to hacks. The encryption keys in social messenger leave users wide open to man-in-the-middle attacks, enabling third-parties to tap their communications.
Last spring, Whatsapp announced that every message on its service is delivered with end-to-end encryption which means not even Whatsapp can tell what’s inside.
In the MITM attack, if an attacker gains access to a WhatsApp server, he could forcibly reset the keys used to encrypt messages and install himself as a relay point, intercepting any future messages sent between the parties. The recipient of the message would not be alerted to the change in keys, and the sender will only be alerted if they’ve opted into the app’s “Show security notifications” setting.
The underlying weakness has to do with alerts rather than cryptography. Although they share the same underlying encryption, the Signal app by Open Whisper Systems isn’t vulnerable to the same attack. If the Signal client detects a new key, it will block the message rather than risk sending it insecurely.
WhatsApp will send that message anyway. Since the key alert isn’t on by default, most users would have no idea.
Based on its Signal Protocol (also used for encrypted messaging in Google’s Allo), each client is identified by a public key that’s shared with other people, and a private key on the device. Because people change phones or uninstall and reinstall apps, the pair of keys can change. Users can ensure their communication is secure by checking the security code displayed on each end, if it matches, then they can be sure their messages aren’t subject to MITM attack by a third party.
The attack cannot be exploited by many criminals because it requires server access but still an unusually skilled attacker or a court order could compel WhatsApp to break its own security.
The messenger was quick to push back against the allegation saying that “WhatsApp does not give governments a ‘backdoor’ into its systems and would fight any government request to create a backdoor.” WhatsApp team and people who helped design the implementation defended the flaw saying that the design decision isn’t putting users at risk.
The bug reported in the article had long been known to security professionals, and there’s no evidence WhatsApp ever tried to conceal it. The persistence of the weakness shows how hard it is to balance security with the demands of everyday users.
The flaw has been described as a “security back door” by The Guardian and privacy campaigners but more sober voices have described it as a minor bug and criticised the media outlet for going over the top. A number of security professionals have chimed in to agree, including Frederic Jacobs, who helped design the protocol being used.
The vulnerabilities in key handling were first discovered by German computer scientist Tobias Boelter in April 2016. In his blog, Boelter blamed the bug on the use of closed-source software, rather than a deliberately inserted back door.
The Guardian raised the urgency of this flaw by pointing to the UK’s recently passed Investigatory Powers Bill, which gives that government significant new legal powers for aggressive data collection. But it would be very hard to use this vulnerability for mass surveillance. A successful attack would allow WhatsApp servers to break a given conversation’s encryption, but to provide data en masse to the government, the servers would have to perform that attack continuously on every conversation in the UK, sending out a cascade of pings to anyone with security notifications enabled.
If WhatsApp were to leverage this bug to fulfil lawful access demands, the company would have to implement the attack continually on every user in the country, which would be extremely noisy and extremely visible. The end result wouldn’t be much different from shipping an update and announcing that the service is no longer encrypted.
For users, the most responsible thing to do seems to be to turn on notifications and check your security codes regularly.