Whatsapp Just Switched on End-to-End Encryption for Hundreds of Millions of Users

The result is practically uncrackable encryption for hundreds of millions of phones and tablets that have Whatsapp installed---by some measures the world’s largest-ever implementation of this standard of encryption in a messaging service.


Growing up in Soviet Ukraine in the 1980s, Whatsapp founder Jan Koum learned to distrust the government and detest its surveillance. After he emigrated to the U.S. and created his ultra-popular messaging system decades later, he vowed that Whatsapp would never make eavesdropping easy for anyone. Now, Whatsapp is following through on that anti-snooping promise at an unprecedented scale.

On Tuesday, Whatsapp announced that it’s implementing end-to-end encryption, an upgrade to its privacy protections that makes it nearly impossible for anyone to read users’ messages---even the company itself. Whatsapp will integrate the open-source software Textsecure, created by privacy-focused non-profit Open Whisper Systems, which scrambles messages with a cryptographic key that only the user can access and that never leaves his or her device. The result is practically uncrackable encryption for hundreds of millions of phones and tablets that have Whatsapp installed---by some measures the world’s largest-ever implementation of this standard of encryption in a messaging service.

“Whatsapp is integrating Textsecure into the most popular messaging app in the world, where people exchange billions of messages a day,” says Moxie Marlinspike, Open Whisper Systems’ creator and a well-known software developer in the cryptography community. “I do think this is the largest deployment of end-to-end encryption ever.”

Textsecure has actually already been quietly encrypting Whatsapp messages between Android devices for a week. The new encryption scheme means Whatsapp messages will now travel all the way to the recipient’s device before being decrypted, rather than merely being encrypted between the user’s device and Whatsapp’s server. The change is nearly invisible, though Marlinspike says Whatsapp will soon add a feature to allow users to verify each other’s identities based on their cryptographic key, a defense against man-in-the-middle attacks that intercept conversations. "Ordinary users won’t know the difference," says Marlinspike. "It’s totally frictionless."

> “This is the largest deployment of end-to-end encryption ever.”

In its initial phase, though, Whatsapp’s messaging encryption is limited to Android, and doesn’t yet apply to group messages, photos or video messages. Marlinspike says that Whatsapp plans to expand its Textsecure rollout into those other features and other platforms, including Apple’s iOS, soon. He wouldn’t specify an exact time frame, and Whatsapp staffers declined to comment on the new encryption features. Marlinspike says the Textsecure implementation has been in the works for six months, since shortly after Whatsapp was acquired by Facebook last February.

Whatsapp’s Android users alone represent a massive new user base for end-to-end encrypted messaging: Whatsapp’s page in the Google Play store lists more than 500 million downloads. Textsecure had previously been installed on only around 10 million gadgets running the CyanogenMod variant of Android and about 500,000 other devices.

The only encrypted messaging system that compares in size is Apple’s iMessage, which also claims to use a version of end-to-end encryption. Compared with Textsecure, however, Apple’s iMessage security has some serious shortcomings. iMessage doesn’t track which devices’ cryptographic keys are associated with a certain user, so Apple could simply create a new key the user wasn’t aware of to start intercepting his or her messages. Additionally, many users unwittingly back up their stored iMessages to Apple’s iCloud, which renders any end-to-end encryption moot. Plus, unlike Textsecure, iMessage doesn’t use a feature called “forward secrecy” that creates a new encryption key for each message sent. Without forward secrecy, anyone who collects a user’s encrypted messages and successfully cracks that user’s key can decrypt all their communications, not just the one message that uses that key.
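The per-message keys described above can be illustrated with a simplified symmetric hash ratchet. This is an added example, not Textsecure's or Whatsapp's code; the HMAC labels, the toy cipher and the sample messages are assumptions constructed for the demonstration.

```python
import hashlib
import hmac

def _mac(key, data):
    return hmac.new(key, data, hashlib.sha256).digest()

def ratchet(chain_key):
    """One step: return (key for this message, chain key that replaces the old one)."""
    return _mac(chain_key, b"\x01"), _mac(chain_key, b"\x02")

def _xor_stream(key, data):
    # Toy keystream for the demo only; a real client uses a vetted AEAD cipher.
    blocks = (_mac(key, b"ks" + i.to_bytes(4, "big")) for i in range(len(data) // 32 + 1))
    return bytes(d ^ s for d, s in zip(data, b"".join(blocks)))

def seal(key, plaintext):
    body = _xor_stream(key, plaintext)
    return body + _mac(key, b"tag" + body)

def unseal(key, blob):
    """Return the plaintext, or None when the key does not match the tag."""
    body, tag = blob[:-32], blob[-32:]
    if not hmac.compare_digest(tag, _mac(key, b"tag" + body)):
        return None
    return _xor_stream(key, body)

def send_all(chain_key, messages):
    """Seal each message under its own key; return ciphertexts and the surviving chain key."""
    sealed = []
    for m in messages:
        msg_key, chain_key = ratchet(chain_key)  # the old chain key is overwritten
        sealed.append(seal(msg_key, m))
    return sealed, chain_key

def recoverable(stolen_chain_key, sealed, steps=8):
    """Which recorded ciphertexts open with keys derivable from a stolen chain key."""
    keys, chain = [], stolen_chain_key
    for _ in range(steps):
        k, chain = ratchet(chain)
        keys.append(k)
    return [next((p for p in (unseal(k, c) for k in keys) if p is not None), None)
            for c in sealed]

# Constructed sample data: a shared starting secret and five messages.
ROOT = hashlib.sha256(b"constructed demo secret").digest()
MESSAGES = [b"msg-%d" % i for i in range(5)]

earlier, chain_at_theft = send_all(ROOT, MESSAGES[:3])  # recorded before the key is stolen
later, _ = send_all(chain_at_theft, MESSAGES[3:])       # sent after the theft
print(recoverable(chain_at_theft, earlier + later))
```

The three messages sent before the theft stay sealed because HMAC cannot be run backwards to recover earlier chain keys. A hash chain on its own protects only past traffic, which is why the two later messages still open in this sketch.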

Whatsapp’s rollout of strong encryption to hundreds of millions of users may be an unpopular move among governments around the world, whose surveillance it could make far more difficult. Whatsapp's user base is highly international, with large populations of users in Europe and India. But Whatsapp founder Jan Koum has been vocal about his opposition to cooperating with government snooping. "I grew up in a society where everything you did was eavesdropped on, recorded, snitched on," he told Wired UK earlier this year. "Nobody should have the right to eavesdrop, or you become a totalitarian state---the kind of state I escaped as a kid to come to this country where you have democracy and freedom of speech. Our goal is to protect it."