WhatsApp backdoor allows snooping on encrypted messages

A security backdoor that can be used to allow Facebook and others to intercept and read encrypted messages has been found within its WhatsApp messaging service.

Facebook claims that no one can intercept WhatsApp messages, not even the company and its staff, ensuring privacy for its billion-plus users. But new research shows that the company could in fact read messages due to the way WhatsApphas implemented its end-to-end encryption protocol.

Privacy campaigners said the vulnerability is a “huge threat to freedom of speech” and warned it can be used by government agencies to snoop on users who believe their messages to be secure. WhatsApp has made privacy and security a primary selling point, and has become a go to communications tool of activists, dissidents and diplomats.

WhatsApp’s end-to-end encryption relies on the generation of unique security keys, using the acclaimed Signal protocol, developed by Open Whisper Systems, that are traded and verified between users to guarantee communications are secure and cannot be intercepted by a middleman. However, WhatsApp has the ability to force the generation of new encryption keys for offline users, unbeknown to the sender and recipient of the messages, and to make the sender re-encrypt messages with new keys and send them again for any messages that have not been marked as delivered.

The recipient is not made aware of this change in encryption, while the sender is only notified if they have opted-in to encryption warnings in settings, and only after the messages have been re-sent. This re-encryption and rebroadcasting effectively allows WhatsApp to intercept and read users’ messages.

The security backdoor was discovered by Tobias Boelter, a cryptography and security researcher at the University of California, Berkeley. He told the Guardian: “If WhatsApp is asked by a government agency to disclose its messaging records, it can effectively grant access due to the change in keys.”

The backdoor is not inherent to the Signal protocol. Open Whisper Systems’ messaging app, Signal, the app used and recommended by whistleblower Edward Snowden, does not suffer from the same vulnerability. If a recipient changes the security key while offline, for instance, a sent message will fail to be delivered and the sender will be notified of the change in security keys without automatically resending the message.

WhatsApp’s implementation automatically resends an undelivered message with a new key without warning the user in advance or giving them the ability to prevent it.

Boelter reported the backdoor vulnerability to Facebook in April 2016, but was told that Facebook was aware of the issue, that it was “expected behaviour” and wasn’t being actively worked on. The Guardian has verified the backdoor still exists.

Steffen Tor Jensen, head of information security and digital counter-surveillance at the European-Bahraini Organisation for Human Rights, verified Boelter’s findings. He said: “WhatsApp can effectively continue flipping the security keys when devices are offline and re-sending the message, without letting users know of the change till after it has been made, providing an extremely insecure platform.”

Boelter said: “[Some] might say that this vulnerability could only be abused to snoop on ‘single’ targeted messages, not entire conversations. This is not true if you consider that the WhatsApp server can just forward messages without sending the ‘message was received by recipient’ notification (or the double tick), which users might not notice. Using the retransmission vulnerability, the WhatsApp server can then later get a transcript of the whole conversation, not just a single message.”

The vulnerability calls into question the privacy of messages sent across the service, which is used around the world, including by people living in oppressive regimes.

Professor Kirstie Ball, co-director and founder of the Centre for Research into Information, Surveillance and Privacy, called the existence of a backdoor within WhatsApp’s encryption “a gold mine for security agencies” and “a huge betrayal of user trust”. She added: “It is a huge threat to freedom of speech, for it to be able to look at what you’re saying if it wants to. Consumers will say, I’ve got nothing to hide, but you don’t know what information is looked for and what connections are being made.”

In the UK, the recently passed Investigatory Powers Act allows the government to intercept bulk data of users held by private companies, without suspicion of criminal activity, similar to the activity of the US National Security Agency uncovered by the Snowden revelations. The government also has the power to force companies to “maintain technical capabilities” that allow data collection through hacking and interception, and requires companies to remove “electronic protection” from data. Intentional or not, WhatsApp’s backdoor to the end-to-end encryption could be used in such a way to facilitate government interception.

Jim Killock, executive director of Open Rights Group, said: “If companies claim to offer end-to-end encryption, they should come clean if it is found to be compromised – whether through deliberately installed backdoors or security flaws. In the UK, the Investigatory Powers Act means that technical capability notices could be used to compel companies to introduce flaws – which could leave people’s data vulnerable.”

A WhatsApp spokesperson told the Guardian: “Over 1 billion people use WhatsApp today because it is simple, fast, reliable and secure. At WhatsApp, we’ve always believed that people’s conversations should be secure and private. Last year, we gave all our users a better level of security by making every message, photo, video, file and call end-to-end encrypted by default. As we introduce features like end-to-end encryption, we focus on keeping the product simple and take into consideration how it’s used every day around the world.

“In WhatsApp’s implementation of the Signal protocol, we have a “Show Security Notifications” setting (option under Settings > Account > Security) that notifies you when a contact’s security code has changed. We know the most common reasons this happens are because someone has switched phones or reinstalled WhatsApp. This is because in many parts of the world, people frequently change devices and Sim cards. In these situations, we want to make sure people’s messages are delivered, not lost in transit.”

Asked to comment specifically on whether Facebook/WhatApps had accessed users’ messages and whether it had done so at the request of government agencies or other third parties, it directed the Guardian to its site that details aggregate data on government requests by country.

WhatsApp later issued another statement saying: “WhatsApp does not give governments a ‘backdoor’ into its systems and would fight any government request to create a backdoor.”

Concerns over the privacy of WhatsApp users has been repeatedly highlighted since Facebook acquired the company for $22bn in 2014. In August 2015, Facebook announced a change to the privacy policy governing WhatsApp that allowed the social network to merge data from WhatsApp users and Facebook, including phone numbers and app usage, for advertising and development purposes.

Facebook halted the use of the shared user data for advertising purposes in November after pressure from the pan-European data protection agency groupArticle 29 Working Party in October. The European commission then filed charges against Facebook for providing “misleading” information in the run-up to the social network’s acquisition of messaging service WhatsApp, following its data-sharing change.

Should I be worried about the WhatsApp encryption backdoor?

 

backdoor has been found within Facebook’s secure messaging service WhatsApp, which would allow the company and third-parties such as government agencies to intercept and read supposedly encrypted and private messages.

What is WhatsApp?

WhatsApp is a free messaging and calling service that uses the internet to deliver communications. It is used by over 1 billion people across the world including in countries with oppressive regimes. It was bought by Facebook in 2014 for $22bn (£18bn) and implemented end-to-end encryption in April 2016.

What is end-to-end encryption?

End-to-end encryption (E2EE) ensures that a conversation can only be read by the sender and recipient and not intercepted by a middleman. WhatsApp uses the acclaimed Signal encryption protocol that relies on the exchanging of unique security keys that are verified between users to guarantee communications cannot be intercepted by a middleman.

Anything said between users with E2EE is guaranteed to be private during transit, unless there’s a backdoor to the encryption.

What is a backdoor?

backdoor to a technology such as encryption is simply a way for a third-party to access something secure without the primary parties being aware. In this case, it is a way for a third-party such as WhatsApp to read encrypted messages that are supposedly secure against interception.

Your security technology is only as strong as the weakest link. The introduction of a backdoor is the weak link.

What has WhatsApp done?

The Signal encryption protocol has no known weaknesses if it is implemented correctly. WhatsApp has implemented a backdoor into the Signal protocol, giving itself the ability to force the generation of new encryption keys for offline users and to make the sender re-encrypt messages with new keys and send them again for any messages that have not been marked as delivered.

It means that it could generate keys known to WhatsApp or a third-party and therefore read and intercept apparently encrypted messages without the sender or recipients knowledge.

Why is it like it is?

WhatsApp says that it implemented the backdoor to aid usability. If the backdoor is not in place, messages sent to an offline user, who then changes their smartphone or has to re-install WhatsApp and in doing so generates new security keys for themselves, would remain undelivered once the user comes back online.

A WhatsApp spokesperson told the Guardian: “In many parts of the world, people frequently change devices and Sim cards. In these situations, we want to make sure people’s messages are delivered, not lost in transit.”

Should I be worried?

Unlike most of Facebook’s other messaging and social media services, this backdoor is unlikely to ever be used for profiling for advertising purposes. The burden to execute the interception of messages is likely too high to be cost effective.

But the same cannot be said for government agencies and actors. A backdoor into a supposedly secure, end-to-end encrypted, private messaging service could be a “goldmine” for surveillance purposes and is “a huge betrayal of user trust”, according to privacy advocates.

The amount of private information sent knowingly or unknowingly through WhatsApp could be vast and therefore is a very attractive target for surveillance.

Should I stop using WhatsApp?

If you use WhatsApp as a way to avoid government surveillance due to its end-to-end encryption service, you should stop using it immediately.

Facebook and WhatsApp could be compelled to give government agencies such as GCHQ and the US National Security Agency access to users’ messages.

What are the alternatives?

There are several alternatives to WhatsApp that use encryption to secure communications against interception. The most recommended is Signal, which was developed by Open Whisper Systems and is the namesake of the Signal E2EE protocol.

It is used and recommended by NSA whistle blower Edward Snowden, and is considered the gold standard for private messaging. It does not have the same backdoor into the E2EE as WhatsApp, and is available for Android and iOS.

Source: The Guardian