A security researcher and cryptographer from the University of California has discovered a vulnerability in Facebook’s WhatsApp messaging service that, if exploited, would allegedly allow a third party to snoop on the encrypted messages of over a billion people, the Guardian reports.
However, the company behind the encryption technology has disputed the security researcher’s claims.
Across the world, in oppressive regimes and the post-Snowden West, journalists and activists have used WhatsApp’s secure messaging to communicate in confidentiality and privacy, making this discovery all the more alarming.
Facebook bought WhatsApp in 2014 for a hefty $22 billion and, in April 2016, implemented the Signal protocol, a respected end-to-end encryption methodology with no known weaknesses that is owned and developed by a company called Open Whisper Systems.
End-to-end encryption works by creating a unique pair of security keys for messages to verify and protect communication between users. It’s supposed to prevent the communications being read or intercepted and thus protect the privacy of users.
Researcher Tobias Boelter, however, says he discovered a problem with the way in which Facebook applies the Signal protocol.
While the company did implement the encryption protocol, it also applied a new function that would give WhatsApp the ability to resend undelivered messages. In resending, the application generates a new unique security key, which makes that individual message readable to WhatsApp.
In a statement, WhatsApp defended the resending of messages as a practical function: “In many parts of the world, people frequently change devices and SIM cards. In these situations, we want to make sure people’s messages are delivered, not lost in transit.”
However, for many users who rely on the service for its privacy features, this function could raise alarm: according to Boelter, it can be seen to weaken the Signal protocol and allegedly exposes their private communications to governments, police, or hackers, albeit only when a message goes undelivered.
Open Whisper Systems says this interpretation is entirely incorrect, explaining in a lengthy blog post in response to the Guardian article:
The fact that WhatsApp handles key changes is not a “backdoor,” it is how cryptography works. Any attempt to intercept messages in transit by the server is detectable by the sender, just like with Signal, PGP, or any other end-to-end encrypted communication system.
The only question it might be reasonable to ask is whether these safety number change notifications should be “blocking” or “non-blocking.” In other words, when a contact’s key changes, should WhatsApp require the user to manually verify the new key before continuing, or should WhatsApp display an advisory notification and continue without blocking the user.
Signal went on to say that it feels WhatsApp’s choice to display the non-blocking notification is appropriate. “It provides transparent and cryptographically guaranteed confidence in the privacy of a user’s communication, along with a simple user experience,” the company said.
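The difference between the two notification policies, as an added example that is not WhatsApp's or Open Whisper Systems' code: a sender-side model of what happens to an undelivered message when the server reports a new key for the recipient. All class and function names and the sample keys are hypothetical, and no real encryption is performed; a (fingerprint, text) pair stands in for "encrypted to that key".

```python
import hashlib
from dataclasses import dataclass, field

def fingerprint(identity_key: bytes) -> str:
    # Stand-in for a safety number: a digest users could compare out of band.
    return hashlib.sha256(identity_key).hexdigest()[:16]

@dataclass
class SenderClient:
    blocking: bool                                # the policy under discussion
    trusted: dict = field(default_factory=dict)   # contact -> trusted fingerprint
    pending: dict = field(default_factory=dict)   # contact -> undelivered texts
    notices: list = field(default_factory=list)   # what the user is shown

    def send(self, contact, key, text):
        # Trust on first use, then queue; delivery is not yet acknowledged.
        self.trusted.setdefault(contact, fingerprint(key))
        self.pending.setdefault(contact, []).append(text)

    def on_key_change(self, contact, new_key):
        """Server reports a new identity key; returns messages released to it."""
        fp = fingerprint(new_key)
        if fp == self.trusted.get(contact):
            return []                             # same key, nothing changed
        self.notices.append(f"security code for {contact} changed to {fp}")
        if self.blocking:
            return []                             # hold until the user verifies
        self.trusted[contact] = fp                # non-blocking: accept and resend
        return self._release(contact, fp)

    def verify(self, contact, new_key):
        # User confirmed the new fingerprint out of band; resending is now allowed.
        fp = fingerprint(new_key)
        self.trusted[contact] = fp
        return self._release(contact, fp)

    def _release(self, contact, fp):
        # Model only: (recipient fingerprint, text) means "encrypted to that key".
        return [(fp, text) for text in self.pending.pop(contact, [])]

def demo(blocking):
    old_key, new_key = b"constructed-key-1", b"constructed-key-2"  # constructed samples
    client = SenderClient(blocking=blocking)
    client.send("alice", old_key, "meet at 9")    # queued, recipient offline
    released = client.on_key_change("alice", new_key)
    return client, released, new_key
```

In both modes the sender gets a notice; the policies differ only in whether the queued message is re-sent to the new key before or after the user has checked it.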
It’s important to note that, according to the Guardian, the issue Boelter raises is not inherent in the Signal protocol, which has been touted by NSA whistleblower Edward Snowden and renowned cryptographers.
End-to-end encryption is designed to minimize the data that even the service provider can access, hiding even the security keys. When Open Whisper Systems was handed a subpoena in 2016, requiring it to give up user data, it could only share when a user had signed up and the last time they had logged in.
https://twitter.com/csoghoian/status/783269644769562624
However, if in fact WhatsApp can exploit access to undelivered messages via this function, it could land the company in a compromising legal place, according to Boelter.
“If WhatsApp is asked by a government agency to disclose its messaging records, it can effectively grant access due to the change in keys,” Boelter reported to the Guardian.
Facebook did not immediately respond to multiple requests for comment.
Update 6:50pm CT, Jan. 13: Open Whisper Systems has disputed the Guardian’s report. We have updated our story, including the headline, to reflect the new information provided by the company.