53

Slightly old news: Whatsapp Just Switched on End-to-End Encryption for Hundreds of Millions of Users

Is there any test that I can perform to verify that WhatsApp is indeed using end-to-end encryption between my phone and another Android phone?

Ansis Māliņš
  • 1
    Use a sniffer to analyze the traffic? – Ulkoma Jan 13 '15 at 12:02
  • 53
    Another way would be to tell one of your mates something like "next week we will attack the White House" and wait at home to see if the feds knock on your door; if they don't, then WhatsApp is secure. I would not recommend this test though, for obvious reasons – Ulkoma Jan 13 '15 at 14:04
  • 5
    @Ulkoma good one! However, in my idea it could be end-to-end encrypted but the feds still knock on his door! ;) – hatef Jan 13 '15 at 18:12
  • Can not check this until you have access to WhatsApp source code to see how they manage message encryption. A public/private key exchange mechanism should be in place to create messages that can be used only on two devices. –  Jan 14 '15 at 12:34
  • LOL @ people thinking the Feds can't decrypt every encryption scheme available on Western technology compatible hardware on the planet right now. – Aditya M P May 05 '15 at 05:55
  • @Ulkoma What if I text it to myself? (i.e. other device of mine) There's a law against that? Can I just say I was just taking a note about your comment? – Gustavo Rodrigues Jun 11 '15 at 15:35
  • My first thought was "It can't be, because then how would WhatsApp Web work?" I can see messages on WhatsApp Web, so my private key must have been transmitted either to the WhatsApp web server or to my browser. It looks like this works by establishing a connection between your browser and your phone (mediated by the WhatsApp servers) - http://whatsapp.com/faq/web/28080002 So this doesn't rule out end-to-end encryption Android-Android; it just means that if you use the web client, messages are being exchanged from your phone to the web client via a WhatsApp server. – Dan Nov 12 '15 at 15:15

5 Answers

40

There isn't any quick check you can perform in order to be sure that end-to-end encryption is used. Even if you manage to get this confirmation, then you have to make sure that the used encryption keys never left your device (and the device of your friend). If end-to-end encryption is used, but WhatsApp or someone else has access to the encryption keys, the chat is no longer confidential.

There is some available information which can allow a security researcher to start investigating the matter:

  • The encryption software is known and the code is open source (even if we do not know what changes were made to the WhatsApp implementation)

WhatsApp will integrate the open-source software Textsecure, created by privacy-focused non-profit Open Whisper Systems, which scrambles messages with a cryptographic key that only the user can access and never leaves his or her device

P.S.: There is at least one way to tell if they are not using end-to-end encryption and parsing the contents of your messages. Some time ago, a security researcher discovered that URLs sent in Skype messages are accessed from Microsoft IP addresses (link). You can try the same thing by setting up a web server and sending some unique URLs on WhatsApp.

Peter Mortensen
Dinu
  • 1
    Regarding the link sent on Skype, I would assume that Microsoft visits them in order to check if they're secure and if not, it blocks them, to prevent spam, scam or phishing attacks spreading via Skype. Of course it does not change anything. – entropid Jan 14 '15 at 15:02
  • 2
    @entropid in this scenario, though, end-to-end encryption would prevent them from being able to do so. – Joost Feb 14 '15 at 17:11
  • My point was to explain why that happens; of course it could be prevented. :) – entropid Feb 14 '15 at 17:12
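The unique-URL test from the P.S. of the answer above, as an added example (not code from the answer or from WhatsApp). It assumes a web server you control that writes common/combined-format access logs, and a hypothetical `/c/<token>` path scheme; the log lines, tokens and IP addresses are constructed. A hit from outside the two phones' networks shows that something else read the URL; no hit proves nothing.

```python
import re
import secrets
from ipaddress import ip_address, ip_network

# Leading fields of a common/combined access-log line: client, time, request path.
LOG_RE = re.compile(r'^(\S+) \S+ \S+ \[([^\]]+)\] "(?:GET|HEAD) (\S+)')
TOKEN_RE = re.compile(r"/c/([A-Za-z0-9_-]+)")  # hypothetical canary path scheme

def make_canary(base_url, label, registry):
    """Create an unguessable URL and record which chat message it was put in."""
    token = secrets.token_urlsafe(16)
    registry[token] = label
    return f"{base_url.rstrip('/')}/c/{token}"

def unexpected_fetches(log_lines, registry, expected_nets):
    """Return (label, client_ip, timestamp) for canary hits from unexpected clients."""
    nets = [ip_network(n) for n in expected_nets]
    hits = []
    for line in log_lines:
        m = LOG_RE.match(line)
        if not m:
            continue
        client, when, path = m.groups()
        t = TOKEN_RE.search(path)
        if not t or t.group(1) not in registry:
            continue  # not one of our canary URLs
        try:
            addr = ip_address(client)
        except ValueError:
            continue  # hostname or garbage in the client field
        if not any(addr.version == n.version and addr in n for n in nets):
            hits.append((registry[t.group(1)], client, when))
    return hits

# Constructed sample data: documentation-range IPs and made-up tokens.
REGISTRY = {"k3Jq-constructed-A": "sent over WhatsApp",
            "Zp9x-constructed-B": "never sent (control)"}
SAMPLE_LOG = [
    '192.0.2.10 - - [13/Jan/2015:12:00:05 +0000] "GET /c/k3Jq-constructed-A HTTP/1.1" 404 0 "-" "Mozilla/5.0"',
    '198.51.100.7 - - [13/Jan/2015:12:00:01 +0000] "GET /c/k3Jq-constructed-A HTTP/1.1" 404 0 "-" "-"',
    '203.0.113.5 - - [13/Jan/2015:12:03:00 +0000] "GET /robots.txt HTTP/1.1" 404 0 "-" "crawler"',
]

if __name__ == "__main__":
    # expected_nets: the networks the two phones themselves connect from.
    for label, ip, when in unexpected_fetches(SAMPLE_LOG, REGISTRY, ["192.0.2.0/24"]):
        print(f"canary '{label}' fetched by {ip} at {when}")
```

The control token that was never sent anywhere separates fetches caused by the chat message from scanners that found the server on their own.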
14

I actually did some work on reverse-engineering the WhatsApp protocol a while ago. At that time, it was SSL-encrypted over Wi-Fi and cleartext over 3G. It's possible to root your Android device and install a local packet sniffer to dump the traffic; it's also usually possible to install your own CA root certificate to MITM SSL traffic.

The interesting question will be if it's encrypted within the SSL wrapper, because SSL is device-to-server, not end-to-end.

Sending a message M should produce a packet P of data sent, possibly fragmented. If the receiving device does not get P, but instead gets something different, then it's not properly end-to-end encrypted or there is a "tunneling" system going on.

Jens Erat
pjc50
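One way to check what sits inside the SSL wrapper, as an added example (not code from the answer above): send a known marker string, then test whether it is readable in the application-layer bytes captured from your own device after TLS interception. The marker, the payloads and all function names are constructed for illustration and are not real WhatsApp traffic.

```python
import base64
import hashlib
import math
from collections import Counter

def shannon_entropy(data: bytes) -> float:
    """Bits per byte: near 8 for ciphertext or compressed data, lower for text."""
    if not data:
        return 0.0
    n = len(data)
    return -sum(c / n * math.log2(c / n) for c in Counter(data).values())

def base64_fragments(raw: bytes):
    """Base64 substrings that must appear if raw sits at any offset mod 3."""
    frags = []
    for pad, skip in ((0, 0), (1, 2), (2, 3)):
        enc = base64.b64encode(b"\0" * pad + raw).rstrip(b"=")
        if (pad + len(raw)) % 3:
            enc = enc[:-1]  # final char also depends on the byte after raw
        frags.append(enc[skip:])  # leading chars depend on bytes before raw
    return frags

def find_marker(payload: bytes, marker: str):
    """Names of the encodings in which the marker is readable in payload."""
    raw = marker.encode("utf-8")
    forms = {
        "utf-8": [raw],
        "utf-16le": [marker.encode("utf-16-le")],
        "hex": [raw.hex().encode(), raw.hex().upper().encode()],
        "base64": base64_fragments(raw),
    }
    return sorted(k for k, pats in forms.items() if any(p in payload for p in pats))

def assess(payload: bytes, marker: str):
    seen = find_marker(payload, marker)
    verdict = ("plaintext visible to the server" if seen
               else "marker not visible (does not prove end-to-end encryption)")
    return {"seen_as": seen, "entropy": round(shannon_entropy(payload), 2), "verdict": verdict}

# Constructed sample payloads; none of this is real WhatsApp traffic.
MARKER = "canary-7f3a-marker"
PLAIN = b'<message to="friend"><body>canary-7f3a-marker</body></message>'
B64_WRAPPED = b"body=" + base64.b64encode(b"xx" + MARKER.encode() + b"yy")
OPAQUE = b"".join(hashlib.sha256(bytes([i])).digest() for i in range(16))

if __name__ == "__main__":
    for name, p in (("plain", PLAIN), ("base64", B64_WRAPPED), ("opaque", OPAQUE)):
        print(name, assess(p, MARKER))
```

High entropy with no visible marker is consistent with an inner encryption layer, but compression gives the same picture, and neither result says who holds the keys.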
6

No. Not unless you have the resources to insert sniffers into every intermediate location including the private ones in the WhatsApp infrastructure.

Julian Knight
  • 9
    Even if you sniff the packets and notice they _are_ encrypted, you can't know for sure whether they are truly encrypted _only_ to the recipient's key and not to a combined NSA key... – Tobias Kienzler Jan 13 '15 at 20:39
  • 1
    Could that not be done if the tester has 2 devices, sends messages between them and then tests whether the message isn't modified from sent to received? – Serverfrog Jan 14 '15 at 12:36
  • @Serverfrog: How does encryption modify the message? – arc_lupus Apr 07 '16 at 06:55
  • I think he is referring to a MITM attack whereas Tobias is referring to whether the original signing key is actually private or whether a shared key is used thus allowing the message to be decrypted outside the normal flow. – Julian Knight Apr 07 '16 at 07:45
2

To be really sure, you would have to decompile WhatsApp and check what the code actually does. This may be easier than expected if the Android version is written in Java and is not obfuscated. I have done this before and the decompiled code was surprisingly readable.

Even after that, there may be an (un)intentional weakness built into the system which would enable decryption, such as Apple's infamous goto fail bug.

JohnEye
1

WhatsApp messages are already encrypted between your device and their servers, so a packet sniffer won't work. AFAIK they're rolling out the encryption quietly and starting with Android text-only messages first. So the only way I could think of would be to reverse engineer the app. However I think the latest version of the Android app will do end-to-end.

MarkH