SlideShare une entreprise Scribd logo
1  sur  11
Télécharger pour lire hors ligne
WhatsApp End-to-End Encryption
Exchange of Messages
WhatsApp uses XMPP Protocol to transfer the messages between the two clients.
Need to Encryption
 Messages were sent as plain text between two clients.
 All the messages were stored in the server until the messages are read by the
recipient.
 WhatsApp's adoption of end-to-end encryption follows Apple's debate with the
FBI over the unlocking of a terrorist's iPhone. During the dispute Jan Koum,
WhatsApp’s co-founder, said that he supported Apple's position and admired
its "efforts to protect user data".
 In March it was revealed that WhatsApp had been targeted by court
orders asking to access information it holds.
WhatsApp End to End encryption
The Signal Protocol, designed by Open Whisper Systems, is the basis for
WhatsApp’s end-to-end encryption. This end-to-end encryption protocol
is designed to prevent third parties and WhatsApp from having plaintext
access to messages or calls.
WhatsApp End to End encryption
Keys used in this encryption
Public Key Types
• Identity Key Pair – A long-term Curve25519 key pair, generated at install time.
• Signed Pre Key – A medium-term Curve25519 key pair, generated at install time,
signed by the Identity Key, and rotated on a periodic timed basis.
• One-Time Pre Keys – A queue of Curve25519 key pairs for one time use,
generated at install time, and replenished as needed.
Session Key Types
• Root Key – A 32-byte value that is used to create Chain Keys.
• Chain Key – A 32-byte value that is used to create Message Keys.
• Message Key – An 80-byte value that is used to encrypt message contents. 32
bytes are used for an AES-256 key, 32 bytes for a HMAC-SHA256 key, and 16 bytes
for an IV.
Exchanging Messages
Once a session has been established, clients exchange messages that are
protected with a Message Key using AES256 in CBC mode for encryption and
HMAC-SHA256 for authentication.
The Message Key changes for each message transmitted, and is ephemeral, such
that the Message Key used to encrypt a message cannot be reconstructed from
the session state after a message has been transmitted or received.
The Message Key is derived from a sender’s Chain Key that “ratchets” forward
with every message sent. Additionally, a new ECDH agreement is performed with
each message roundtrip to create a new Chain Key.
Verifying the keys
The 60-digit number is computed by concatenating the two 30-digit numeric
fingerprints for each user’s Identity Key. To calculate a 30-digit numeric
fingerprint:
1.Iteratively SHA-512 hash the public Identity Key and user identifier
5200 times.
2.Take the first 30 bytes of the final hash output.
3.Split the 30-byte result into six 5-byte chunks.
4.Convert each 5-byte chunk into 5 digits by interpreting each 5-byte chunk as a
big-endian unsigned integer and reducing it modulo 100000.
5.Concatenate the six groups of five digits into thirty digits.
Conclusion
Messages between WhatsApp users are protected with an end-to-
end encryption protocol so that third parties and WhatsApp cannot
read them and so that the messages can only be decrypted by the
recipient. All types of WhatsApp messages (including chats, group
chats, images, videos, voice messages and files) and WhatsApp
calls are protected by end-to-end encryption.
WhatsApp servers do not have access to the private keys of
WhatsApp users, and WhatsApp users have the option to verify
keys in order to ensure the integrity of their communication.
Thank you
Any Queries??

Contenu connexe

Tendances

Cryptography.ppt
Cryptography.pptCryptography.ppt
Cryptography.pptUday Meena
 
S/MIME & E-mail Security (Network Security)
S/MIME & E-mail Security (Network Security)S/MIME & E-mail Security (Network Security)
S/MIME & E-mail Security (Network Security)Prafull Johri
 
Hypertext transfer protocol and hypertext transfer protocol secure(HTTP and H...
Hypertext transfer protocol and hypertext transfer protocol secure(HTTP and H...Hypertext transfer protocol and hypertext transfer protocol secure(HTTP and H...
Hypertext transfer protocol and hypertext transfer protocol secure(HTTP and H...rahul kundu
 
Idea(international data encryption algorithm)
Idea(international data encryption algorithm)Idea(international data encryption algorithm)
Idea(international data encryption algorithm)SAurabh PRajapati
 
Wireless network security
Wireless network securityWireless network security
Wireless network securityVishal Agarwal
 
SHA 1 Algorithm.ppt
SHA 1 Algorithm.pptSHA 1 Algorithm.ppt
SHA 1 Algorithm.pptRajapriya82
 
Password strength svm
Password strength svmPassword strength svm
Password strength svmSunil Rm
 
The Diffie-Hellman Algorithm
The Diffie-Hellman AlgorithmThe Diffie-Hellman Algorithm
The Diffie-Hellman AlgorithmJay Nagar
 
2. Stream Ciphers
2. Stream Ciphers2. Stream Ciphers
2. Stream CiphersSam Bowne
 
Wireless security using wpa2
Wireless security using wpa2Wireless security using wpa2
Wireless security using wpa2Tushar Anand
 
Block Cipher Modes of Operation And Cmac For Authentication
Block Cipher Modes of Operation And Cmac For AuthenticationBlock Cipher Modes of Operation And Cmac For Authentication
Block Cipher Modes of Operation And Cmac For AuthenticationVittorio Giovara
 
Simple Mail Transfer Protocol
Simple Mail Transfer ProtocolSimple Mail Transfer Protocol
Simple Mail Transfer ProtocolUjjayanta Bhaumik
 
cryptography ppt free download
cryptography ppt free downloadcryptography ppt free download
cryptography ppt free downloadTwinkal Harsora
 
Set Secure Electronic Transaction (SET)
Set Secure Electronic Transaction(SET)Set Secure Electronic Transaction(SET)
Set Secure Electronic Transaction (SET)Suraj Dhalwar
 

Tendances (20)

Cryptography.ppt
Cryptography.pptCryptography.ppt
Cryptography.ppt
 
Diffie-hellman algorithm
Diffie-hellman algorithmDiffie-hellman algorithm
Diffie-hellman algorithm
 
Ssl and tls
Ssl and tlsSsl and tls
Ssl and tls
 
S/MIME & E-mail Security (Network Security)
S/MIME & E-mail Security (Network Security)S/MIME & E-mail Security (Network Security)
S/MIME & E-mail Security (Network Security)
 
Hypertext transfer protocol and hypertext transfer protocol secure(HTTP and H...
Hypertext transfer protocol and hypertext transfer protocol secure(HTTP and H...Hypertext transfer protocol and hypertext transfer protocol secure(HTTP and H...
Hypertext transfer protocol and hypertext transfer protocol secure(HTTP and H...
 
Idea(international data encryption algorithm)
Idea(international data encryption algorithm)Idea(international data encryption algorithm)
Idea(international data encryption algorithm)
 
Wireless network security
Wireless network securityWireless network security
Wireless network security
 
SHA 1 Algorithm.ppt
SHA 1 Algorithm.pptSHA 1 Algorithm.ppt
SHA 1 Algorithm.ppt
 
Digital signature
Digital signatureDigital signature
Digital signature
 
Password strength svm
Password strength svmPassword strength svm
Password strength svm
 
The Diffie-Hellman Algorithm
The Diffie-Hellman AlgorithmThe Diffie-Hellman Algorithm
The Diffie-Hellman Algorithm
 
2. Stream Ciphers
2. Stream Ciphers2. Stream Ciphers
2. Stream Ciphers
 
WPA-3: SEA and Dragonfly
WPA-3: SEA and DragonflyWPA-3: SEA and Dragonfly
WPA-3: SEA and Dragonfly
 
Wireless security using wpa2
Wireless security using wpa2Wireless security using wpa2
Wireless security using wpa2
 
Block Cipher Modes of Operation And Cmac For Authentication
Block Cipher Modes of Operation And Cmac For AuthenticationBlock Cipher Modes of Operation And Cmac For Authentication
Block Cipher Modes of Operation And Cmac For Authentication
 
Simple Mail Transfer Protocol
Simple Mail Transfer ProtocolSimple Mail Transfer Protocol
Simple Mail Transfer Protocol
 
cryptography ppt free download
cryptography ppt free downloadcryptography ppt free download
cryptography ppt free download
 
Set Secure Electronic Transaction (SET)
Set Secure Electronic Transaction(SET)Set Secure Electronic Transaction(SET)
Set Secure Electronic Transaction (SET)
 
Wireless Attacks
Wireless AttacksWireless Attacks
Wireless Attacks
 
Diffiehellman
DiffiehellmanDiffiehellman
Diffiehellman
 

En vedette

CCNAv5 - S4: Chapter 7: Securing Site-to-site Connectivity
CCNAv5 - S4: Chapter 7: Securing Site-to-site ConnectivityCCNAv5 - S4: Chapter 7: Securing Site-to-site Connectivity
CCNAv5 - S4: Chapter 7: Securing Site-to-site ConnectivityVuz Dở Hơi
 
End-to-end encryption explained
End-to-end encryption explainedEnd-to-end encryption explained
End-to-end encryption explainedTodd Merrill
 
Review on Whatsapp's End to End encryption and Facebook integration
Review on Whatsapp's End to End encryption and Facebook integrationReview on Whatsapp's End to End encryption and Facebook integration
Review on Whatsapp's End to End encryption and Facebook integrationGovindarrajan NV
 
Labmeeting - 20150211 - Novel End-to-End Voice Encryption Method in GSM System
Labmeeting - 20150211 - Novel End-to-End Voice Encryption Method in GSM SystemLabmeeting - 20150211 - Novel End-to-End Voice Encryption Method in GSM System
Labmeeting - 20150211 - Novel End-to-End Voice Encryption Method in GSM SystemSyuan Wang
 
End-to-End Encryption of Distributed Applications
End-to-End Encryption of Distributed ApplicationsEnd-to-End Encryption of Distributed Applications
End-to-End Encryption of Distributed ApplicationsJeff Lambert
 
NetMatrix TLE Terminal Line Encryption. SPVA certified, DUKPT, 3DES, DES, AES...
NetMatrix TLE Terminal Line Encryption. SPVA certified, DUKPT, 3DES, DES, AES...NetMatrix TLE Terminal Line Encryption. SPVA certified, DUKPT, 3DES, DES, AES...
NetMatrix TLE Terminal Line Encryption. SPVA certified, DUKPT, 3DES, DES, AES...Alex Tan
 
End-to-End Encryption for Credit Card Processing
End-to-End Encryption for Credit Card ProcessingEnd-to-End Encryption for Credit Card Processing
End-to-End Encryption for Credit Card ProcessingLennon808
 

En vedette (7)

CCNAv5 - S4: Chapter 7: Securing Site-to-site Connectivity
CCNAv5 - S4: Chapter 7: Securing Site-to-site ConnectivityCCNAv5 - S4: Chapter 7: Securing Site-to-site Connectivity
CCNAv5 - S4: Chapter 7: Securing Site-to-site Connectivity
 
End-to-end encryption explained
End-to-end encryption explainedEnd-to-end encryption explained
End-to-end encryption explained
 
Review on Whatsapp's End to End encryption and Facebook integration
Review on Whatsapp's End to End encryption and Facebook integrationReview on Whatsapp's End to End encryption and Facebook integration
Review on Whatsapp's End to End encryption and Facebook integration
 
Labmeeting - 20150211 - Novel End-to-End Voice Encryption Method in GSM System
Labmeeting - 20150211 - Novel End-to-End Voice Encryption Method in GSM SystemLabmeeting - 20150211 - Novel End-to-End Voice Encryption Method in GSM System
Labmeeting - 20150211 - Novel End-to-End Voice Encryption Method in GSM System
 
End-to-End Encryption of Distributed Applications
End-to-End Encryption of Distributed ApplicationsEnd-to-End Encryption of Distributed Applications
End-to-End Encryption of Distributed Applications
 
NetMatrix TLE Terminal Line Encryption. SPVA certified, DUKPT, 3DES, DES, AES...
NetMatrix TLE Terminal Line Encryption. SPVA certified, DUKPT, 3DES, DES, AES...NetMatrix TLE Terminal Line Encryption. SPVA certified, DUKPT, 3DES, DES, AES...
NetMatrix TLE Terminal Line Encryption. SPVA certified, DUKPT, 3DES, DES, AES...
 
End-to-End Encryption for Credit Card Processing
End-to-End Encryption for Credit Card ProcessingEnd-to-End Encryption for Credit Card Processing
End-to-End Encryption for Credit Card Processing
 

Similaire à WhatsApp End to End encryption

Facebook Messenger начал тестировать end-to-end шифрование на протоколе Signal
Facebook Messenger начал тестировать end-to-end шифрование на протоколе SignalFacebook Messenger начал тестировать end-to-end шифрование на протоколе Signal
Facebook Messenger начал тестировать end-to-end шифрование на протоколе SignalAnatol Alizar
 
messenger-secret-conversations-technical-whitepaper (1).pdf
messenger-secret-conversations-technical-whitepaper (1).pdfmessenger-secret-conversations-technical-whitepaper (1).pdf
messenger-secret-conversations-technical-whitepaper (1).pdfShyamMalla3
 
Transport Layer Security (TLS)
Transport Layer Security (TLS)Transport Layer Security (TLS)
Transport Layer Security (TLS)Arun Shukla
 
unit - III.pptx
unit - III.pptxunit - III.pptx
unit - III.pptxsandyBS
 
Secure instant messanger service
Secure instant messanger serviceSecure instant messanger service
Secure instant messanger serviceAditya Gupta
 
Vulnerabilities of the SSL/TLS Protocol
Vulnerabilities of the SSL/TLS ProtocolVulnerabilities of the SSL/TLS Protocol
Vulnerabilities of the SSL/TLS Protocolcsandit
 
VULNERABILITIES OF THE SSL/TLS PROTOCOL
VULNERABILITIES OF THE SSL/TLS PROTOCOLVULNERABILITIES OF THE SSL/TLS PROTOCOL
VULNERABILITIES OF THE SSL/TLS PROTOCOLcscpconf
 
WhatsApp Encryption Overview, Whitepaper
WhatsApp Encryption Overview, WhitepaperWhatsApp Encryption Overview, Whitepaper
WhatsApp Encryption Overview, WhitepaperMarco Antúnez Piña
 

Similaire à WhatsApp End to End encryption (20)

Secret conversations whitepaper-1
Secret conversations whitepaper-1Secret conversations whitepaper-1
Secret conversations whitepaper-1
 
Facebook Messenger начал тестировать end-to-end шифрование на протоколе Signal
Facebook Messenger начал тестировать end-to-end шифрование на протоколе SignalFacebook Messenger начал тестировать end-to-end шифрование на протоколе Signal
Facebook Messenger начал тестировать end-to-end шифрование на протоколе Signal
 
Lec 3.pptx
Lec 3.pptxLec 3.pptx
Lec 3.pptx
 
messenger-secret-conversations-technical-whitepaper (1).pdf
messenger-secret-conversations-technical-whitepaper (1).pdfmessenger-secret-conversations-technical-whitepaper (1).pdf
messenger-secret-conversations-technical-whitepaper (1).pdf
 
Transport Layer Security (TLS)
Transport Layer Security (TLS)Transport Layer Security (TLS)
Transport Layer Security (TLS)
 
final ppt TS.pptx
final ppt TS.pptxfinal ppt TS.pptx
final ppt TS.pptx
 
unit - III.pptx
unit - III.pptxunit - III.pptx
unit - III.pptx
 
Network Security CS2
Network Security CS2Network Security CS2
Network Security CS2
 
Secure instant messanger service
Secure instant messanger serviceSecure instant messanger service
Secure instant messanger service
 
Vulnerabilities of the SSL/TLS Protocol
Vulnerabilities of the SSL/TLS ProtocolVulnerabilities of the SSL/TLS Protocol
Vulnerabilities of the SSL/TLS Protocol
 
VULNERABILITIES OF THE SSL/TLS PROTOCOL
VULNERABILITIES OF THE SSL/TLS PROTOCOLVULNERABILITIES OF THE SSL/TLS PROTOCOL
VULNERABILITIES OF THE SSL/TLS PROTOCOL
 
CRYPTOGRAPHY AND NETWORK SECURITY- Transport-level Security
CRYPTOGRAPHY AND NETWORK SECURITY- Transport-level SecurityCRYPTOGRAPHY AND NETWORK SECURITY- Transport-level Security
CRYPTOGRAPHY AND NETWORK SECURITY- Transport-level Security
 
ch11.ppt
ch11.pptch11.ppt
ch11.ppt
 
Whats app security-whitepaper
Whats app security-whitepaperWhats app security-whitepaper
Whats app security-whitepaper
 
WhatsApp Encryption Overview, Whitepaper
WhatsApp Encryption Overview, WhitepaperWhatsApp Encryption Overview, Whitepaper
WhatsApp Encryption Overview, Whitepaper
 
Unit 3
Unit 3Unit 3
Unit 3
 
Ch15
Ch15Ch15
Ch15
 
ssl
sslssl
ssl
 
Module 2.Cryptography and Cryptanalysis
Module 2.Cryptography and CryptanalysisModule 2.Cryptography and Cryptanalysis
Module 2.Cryptography and Cryptanalysis
 
Module 2.pdf
Module 2.pdfModule 2.pdf
Module 2.pdf
 

WhatsApp End to End encryption

  • 2. Exchange of Messages WhatsApp uses XMPP Protocol to transfer the messages between the two clients.
  • 3. Need to Encryption  Messages were sent as plain text between two clients.  All the messages were stored in the server until the messages are read by the recipient.  WhatsApp's adoption of end-to-end encryption follows Apple's debate with the FBI over the unlocking of a terrorist's iPhone. During the dispute Jan Koum, WhatsApp’s co-founder, said that he supported Apple's position and admired its "efforts to protect user data".  In March it was revealed that WhatsApp had been targeted by court orders asking to access information it holds.
  • 5. The Signal Protocol, designed by Open Whisper Systems, is the basis for WhatsApp’s end-to-end encryption. This end-to-end encryption protocol is designed to prevent third parties and WhatsApp from having plaintext access to messages or calls.
  • 7. Keys used in this encryption Public Key Types • Identity Key Pair – A long-term Curve25519 key pair, generated at install time. • Signed Pre Key – A medium-term Curve25519 key pair, generated at install time, signed by the Identity Key, and rotated on a periodic timed basis. • One-Time Pre Keys – A queue of Curve25519 key pairs for one time use, generated at install time, and replenished as needed. Session Key Types • Root Key – A 32-byte value that is used to create Chain Keys. • Chain Key – A 32-byte value that is used to create Message Keys. • Message Key – An 80-byte value that is used to encrypt message contents. 32 bytes are used for an AES-256 key, 32 bytes for a HMAC-SHA256 key, and 16 bytes for an IV.
  • 8. Exchanging Messages Once a session has been established, clients exchange messages that are protected with a Message Key using AES256 in CBC mode for encryption and HMAC-SHA256 for authentication. The Message Key changes for each message transmitted, and is ephemeral, such that the Message Key used to encrypt a message cannot be reconstructed from the session state after a message has been transmitted or received. The Message Key is derived from a sender’s Chain Key that “ratchets” forward with every message sent. Additionally, a new ECDH agreement is performed with each message roundtrip to create a new Chain Key.
  • 9. Verifying the keys The 60-digit number is computed by concatenating the two 30-digit numeric fingerprints for each user’s Identity Key. To calculate a 30-digit numeric fingerprint: 1.Iteratively SHA-512 hash the public Identity Key and user identifier 5200 times. 2.Take the first 30 bytes of the final hash output. 3.Split the 30-byte result into six 5-byte chunks. 4.Convert each 5-byte chunk into 5 digits by interpreting each 5-byte chunk as a big-endian unsigned integer and reducing it modulo 100000. 5.Concatenate the six groups of five digits into thirty digits.
  • 10. Conclusion Messages between WhatsApp users are protected with an end-to- end encryption protocol so that third parties and WhatsApp cannot read them and so that the messages can only be decrypted by the recipient. All types of WhatsApp messages (including chats, group chats, images, videos, voice messages and files) and WhatsApp calls are protected by end-to-end encryption. WhatsApp servers do not have access to the private keys of WhatsApp users, and WhatsApp users have the option to verify keys in order to ensure the integrity of their communication.