WhatsApp has finally introduced end-to-end encryption. For many of the WhatsApp users, me being one among them, “encryption” is a term too heavy to understand. Anyway, it simply means that from now on, all the data shared between the participants in a WhatsApp chat cannot be accessed by anyone else- not even WhatsApp, cyber criminals or even law enforcement agencies. No eavesdropping, to be precise. Everything from one to one chats, group chats, calls and data shared will be encrypted from now on. The news was shared by Whatsaap founder, Jan Koum on his Facebook page. Collaborating with Open Whisper Systems, WhatsApp is using “the single protocol” designed by them to enable encryption.
“We’ve been working for the past two years to give people better security over their conversations on WhatsApp. People deserve security. It gives us the confidence to speak our minds. It allows us to communicate sensitive information with colleagues, friends, and others. We’re glad to do our part in keeping people’s information out of the hands of hackers and cyber-criminals,” Juam wrote in his page.
So what actually is WhatsApp encryption and how is it going to work? Let us have a look.
WhatsApp has mentioned in detail all the technical details about end to end encryption in The White Paper. It reads “The messages of clients are protected by using AES256 in CBC mode for encryption, and HMAC-SHA256 for authentication. With each message transmitted, the message key changes. It is ephemeral, so the message key used for encrypting the message cannot reconstruct the same message twice.” This feature in enabled in your WhatsApp app by default, that means if have the latest version of WhatsApp downloaded in your phone, or you update the older version, all your chats will automatically be end to end encrypted. It just needs to be noted that as the message key keeps on changing, it may cause delay in the delivery of the messages.
How it works?
When you tap to any friend’s profile in WhatsApp, you will see a pop up explanation of encryption. Users can tap the same to verify, on which you will be lead to a QR page, with a block of 60 numbers. If the contact whose profile you have chosen is nearby, take his phone to scan your code, or you can do this for him. If the QR code matches, a green tick will appear which means chats between you two is encrypted. If you get a red exclamation mark, it means your code doesn’t match and hence the chat isn’t encrypted.
What if the verification code fails?
In case you get a red exclamation mark while verifying your code, it means your codes do not match. Such a situation arose when they engineers in WhatsApp tried to verify a chat between an Android and an iOS device. This may happen even with two Android devices or two iOS devices. The WhatsApp engineers say that they are building another app to solve this issue, and this can be abated very soon.
In a time when there is an ongoing battle between Apple and FBI regarding unlocking a terrorist’s iPhone, and an overall wide attempt to keep a tab on communications, this change introduced by WhatsApp can prove a bit controversial. But anyway, it’s a relief to know that our chats are completely private now.