The decision by WhatsApp founders Brian Acton and Jan Koum to encrypt direct messages, group messages and voice calls drew a lot of attention to the Facebook subsidiary—given the recent dispute between the FBI and Apple.
Security experts described how the improved WhatsApp protected users’ privacy and where it fell short. Security writers called it the FBI's worst nightmare. And pundits talked about recent reports that the White House withdrew its support for legislation that would allow judges to order WhatsApp to decrypt customers’ messages.
WhatsApp, like Apple, wants a defense against government orders and warrants to unlock and reveal customer information. There is only one defense to the order that the government will not contest: it is impossible.
Until this announcement, WhatsApp could not tell the government that it is impossible to decrypt customers’ information. It could take, and has taken, a moral position, refusing to carry out a court order much like a journalist refusing a court order to reveal a source. That stance, however, resulted in the arrest of a Facebook executive after the company opposed a Brazilian court’s order to turn over information about a customer who was the subject of a drug trafficking investigation.
Politicians Are Wrong
Politicians and government security agencies have created the illusion that strong encryption can be designed to be broken when the government has a really good reason. U.S. President Barack Obama, French President François Hollande and U.K. Prime Minister David Cameron (to name just a few) and most of their cabinet officials have called for technology companies to cooperate with governments to develop a solution to encryption. Resorting to extreme spin, Robert Hannigan, head of the U.K. Government Communications Headquarters (GCHQ), the U.K.’s equivalent to the NSA, called for an end to the terrorists’ abuse of encryption.
The politicians are wrong, and much of the controversy about encryption stems from their unfounded belief that encryption that protects information can at the same time be made available when a government wants to inspect it. An encryption algorithm with a built-in flaw that only WhatsApp or Apple has a key to unlock is mathematically impossible, and believing in one is the same as believing that gravity can occasionally be turned off when the government has a very good reason.
Strong encryption algorithms generate complex keys that convert data into undecipherable, apparently random 1s and 0s that would require many years of supercomputer time to break. An algorithm like this that strongly protects data cannot also have a single master decryption key held in the custody of the vendor or government, because such a key creates unquantifiable security risks. If an individual key is deciphered, only a single session or data store will be compromised. But if the master key is compromised, all the data secured with the algorithm everywhere in the world will be compromised and can be decrypted.
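An added illustration of the paragraph above, not code from WhatsApp or the Signal protocol: it counts how many sessions become readable when one session key leaks versus when an escrowed master key leaks. A toy encrypt-then-MAC cipher built from HMAC-SHA256 stands in for a real cipher, and the function names and the escrow record layout are assumptions made for the demonstration.

```python
import hashlib
import hmac
import secrets

def _xor_stream(key, nonce, data):
    # Toy keystream: HMAC-SHA256(key, "ks" || nonce || counter), XORed with data.
    out = bytearray()
    for i in range(0, len(data), 32):
        pad = hmac.new(key, b"ks" + nonce + (i // 32).to_bytes(4, "big"), hashlib.sha256).digest()
        out.extend(b ^ p for b, p in zip(data[i:i + 32], pad))
    return bytes(out)

def _tag(key, nonce, ct):
    return hmac.new(key, b"tag" + nonce + ct, hashlib.sha256).digest()

def seal(key, plaintext):
    # Encrypt-then-MAC under one key; a stand-in for a real AEAD cipher.
    nonce = secrets.token_bytes(16)
    ct = _xor_stream(key, nonce, plaintext)
    return nonce + ct + _tag(key, nonce, ct)

def unseal(key, blob):
    # Returns the plaintext, or None when the key is wrong or the blob was altered.
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    if not hmac.compare_digest(tag, _tag(key, nonce, ct)):
        return None
    return _xor_stream(key, nonce, ct)

def make_sessions(n, master_key=None):
    # Every session gets its own random key. In the escrow design (master_key set),
    # a copy of that session key is wrapped under the master key and stored too.
    keys, records = [], []
    for i in range(n):
        k = secrets.token_bytes(32)
        keys.append(k)
        records.append({
            "ct": seal(k, f"constructed message {i}".encode()),
            "escrow": seal(master_key, k) if master_key else None,
        })
    return keys, records

def exposed_by_session_key(records, leaked_key):
    # Sessions readable by someone holding one leaked session key.
    return sum(unseal(leaked_key, r["ct"]) is not None for r in records)

def exposed_by_master_key(records, leaked_master):
    # Sessions readable by someone holding the escrow master key.
    exposed = 0
    for r in records:
        k = unseal(leaked_master, r["escrow"]) if r["escrow"] else None
        if k is not None and unseal(k, r["ct"]) is not None:
            exposed += 1
    return exposed
```

With 100 constructed sessions, a single leaked session key opens one record, while the leaked master key opens all 100; without the escrow copies the same master key opens none.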
Encrypting Data at Rest and in Transit
After WhatsApp customers update the application to the version that encrypts voice calls and messages using the Signal protocol from the non-profit Open Whisper Systems, WhatsApp can refuse to comply with court orders with the defense that decryption is impossible.
WhatsApp uses the Signal protocol to encrypt voice and messaging data in transit, similar to how Google encrypts Gmail in transit using Transport Layer Security (TLS). WhatsApp data at rest might not be encrypted, though. If the data comes to rest in an older iPhone, such as the 5c at the center of the FBI dispute, or an older Android smartphone that has exploitable flaws and also doesn’t encrypt storage, someone in possession of the phone could read the stored data. Data stored on the most recent iPhones or Android phones, such as the Nexus 6P and Samsung S7, would be protected unless a zero-day flaw affecting these new models is discovered.
WhatsApp messages may be encrypted in transit and at rest, but the metadata will remain subject to a court order or warrant. The telephone numbers of the people who sent the messages and made the calls, as well as what time the communication took place, are logged.
One reason governments are so adamant could be their history of cooperation with the telephone carriers, which made court order compliance a profit center, charging the U.S. spy agencies and law enforcement agencies fees for turning over the information. The mobile carriers don’t encrypt text messaging traffic between their customers’ phones and their MMSC servers. Note the unencrypted HTTP protocol used in the URLs of the three largest mobile carriers’ Multimedia Messaging Service Center (MMSC) servers:
The technology is entering the second phase of protecting user privacy. The first phase, which is yet to be completed, began with companies such as Google and Apple encrypting phones, messaging and storage. In this second phase, companies occupying smaller parts of the ecosystem, such as WhatsApp, can build on recent iPhone and Android device encryption innovations to complete comprehensive encryption. Using open source projects such as the Signal protocol, written with community transparency, they can eliminate back doors and reduce zero-day exploits.