WhatsApp enables end-to-end encryption on all platforms
WhatsApp has completed its update that brings end-to-end encryption to all platforms. Both Android and iOS as well as Windows 10 Mobile and BB10 support the Signal Protocol for secure chat and voice communication.
WhatsApp users running the latest version on a device with Android, iPhone, Windows 10 Mobile, Nokia S40, Nokia S60, Blackberry or BB10 now support the Signal Protocol for end-to-end encryption, reports Moxie Marlinspike. He is responsible for adding security and developed the cryptographic Axolotl protocol, which was renamed Signal Protocol by developer Open Whisper Systems last week.
Thanks to support for the Signal Protocol, WhatsApp now supports end-to-end encryption on the mentioned platforms, meaning that information is encrypted by the sender and can only be read by the receiver, with forward secrecy. Since not every user updates their software, WhatsApp warns if conversations are still in plain text or unencrypted speech. Users can see the encryption status of individual conversations or group chats in the conversation screen or in the settings.
If the service determines that a contact supports end-to-end encryption, the communication is encrypted from that point on. Even after a downgrade, communication in clear text is no longer possible, for security reasons. “Eventually, all pre-e2e capable clients expire, and from then on, new versions of the software will no longer send or accept any plaintext messages,” writes Marlinspike.
WhatsApp offers the option of verification of sessions by means of a QR code or a code that users can read aloud. This involves a numerical fingerprint of twelve times five numbers. If users switch codes, contacts can optionally receive a notification.
WhatsApp publishes the details on how to use the encryption in a white paper. Reports about the arrival of end-to-end encryption have been around for some time. WhatsApp claims to have more than a billion users. The arrival of strong security means that intelligence services worldwide can no longer directly view the communications of all those users. For years, the debate has been going on whether encryption should be so strong that intelligence agencies cannot access the data, a debate that has intensified since the FBI demanded Apple unlock an iPhone. According to Marlinspike, more messaging services will integrate the Signal Protocol into their services.