igor - Fotolia
Facebook has come under fire for a serious vulnerability in WhatsApp’s end-to-end encryption system, which puts users under the risk of surveillance.
Security researchers said the vulnerability underlines the importance of encryption key management and expressed concerns about the potential for governments and others to exploit the vulnerability, while privacy groups said the vulnerability is a threat to freedom of speech.
Facebook acquired WhatsApp in a deal worth $19bn in 2014, and introduced full end-to-end encryption by default in 2016, which was widely welcomed by security industry suppliers and commentators.
Responding to market pressures for greater privacy, Facebook said the move was aimed at making online communication private by blocking access by cyber criminals, hackers, governments and Facebook itself.
The encryption works by generating unique encryption keys that are exchanged and verified between users to guarantee communications are secure.
However, a researcher has discovered that WhatsApp has the ability to force the generation of new encryption keys for offline users and to make the sender re-encrypt and resend the messages.
This can be done without the knowledge of the recipient, while the sender is notified only if they have enabled encryption warnings and only after the messages have ben resent, reports the Guardian.
Vulnerability in the WhatsApp encryption
The vulnerability in the WhatsApp encryption system is not inherent to the Signal protocol and was discovered by Tobias Boelter, a security researcher at the University of California, Berkeley.
According to Boelter, if WhatsApp were ordered to do so by a government, it could grant access to messages sent through the service because of the way the Signal Protocol has been implemented.
In Open Whisper Systems’ Signal messaging app, if a recipient changes the key while offline, a sent message will fail to be delivered. But the sender will be notified of the change and the message will not be resent automatically.
However, in the case of WhatsApp, an undelivered message with a new key is resent automatically without notifying the user if they have not changed the default settings.
A WhatsApp spokesperson told the Guardian that in WhatsApp’s implementation of the Signal protocol there is a “Show Security Notifications” option under account security settings that notifies users when a contact’s security code has changed.
“We know the most common reasons this happens are because someone has switched phones or reinstalled WhatsApp. This is because in many parts of the world, people frequently change devices and SIM cards. In these situations, we want to make sure people’s messages are delivered, not lost in transit.”
In a subsequent statement to Computer Weekly, the company said: “WhatsApp does not give governments a ‘backdoor’ into its systems and would fight any government request to create a backdoor.”
WhatsApp reiterated that its implementation of the Signal protocol was a “design decision” that prevents millions of messages from being lost.
“WhatsApp offers people security notifications to alert them to potential security risks,” the company said, adding that “WhatsApp published a technical white paper on its encryption design, and has been transparent about the government requests it receives, publishing data about those requests in the Facebook Government Requests Report.
Facebook aware of the issue
According to Boelter, he reported the vulnerability to Facebook in April 2016, but was told that the company was aware of the issue and that it was “expected behaviour”.
Since then, WhatsApp has become popular as a communications tool for activists, dissidents and diplomats, but the continued existence of vulnerability has been confirmed by a third party, according to the Guardian, potentially enabling governments or others to monitor targeted conversations.
The potential for governmental abuses from this misuse of encryption with WhatsApp is alarming, said Kevin Bocek, chief cyber security strategist at security firm Venafi.
“This is a serious vulnerability – WhatsApp needs to know how keys are protected in order to keep the global communications of over a billion users safe and private,” he said.
This potential gap in security, said Bocek, is a reminder for businesses of the power of cryptographic keys and how a lack of knowledge regarding their use can have serious consequences.
“Systems need to be in place to protect and change keys quickly, as and when needed. This is critical at a time when governments worldwide are attempting to break down and intrude on the use of encryption to protect privacy,” he said.
Jacob Ginsberg, senior director at encryption firm Echoworx said WhatsApp has been instrumental in “consumerising” encryption to educate the public about the attempts from governments and law enforcement to weaken the technology in the interest of national security.
“Having a security backdoor that forces the generation of new encryption keys is bad enough. But not making the recipient aware of this change is highly unethical. It calls into question the security, privacy and credibility of the entire service and the business,” he said.
According to Ginsberg, the fact that Facebook has known about this vulnerability since April 2016 is doubly concerning. “Not only could this be seen by many as supporting ongoing government data collection interventions, it means their talk of encryption and privacy has been nothing more than lip service. The company needs to actively address its security measures.
“These revelations add to the severe lack of clarity around encryption backdoors, most recently brought about by the UK’s new Investigatory Powers Act,” said Ginsberg. “While we know consumers are willing to trade their personal information for access to seemingly free services such as WhatsApp, now is the time to ask at what cost to personal privacy and start taking privacy more seriously.”
Read more about the IP Act
- Labour’s shadow home secretary Diane Abbott says wider society must now debate the controversial Investigatory Powers Bill, despite parliamentary approval.
- As the Investigatory Powers Bill goes through its final stages in parliament, a former GCHQ intelligence officer puts the case for the bulk surveillance powers contained in the legislation.
- Former NSA technical director Bill Binney talks about the Investigatory Powers Bill and the UK government’s independent review of bulk surveillance powers.
The controversial IP Act allows the government to intercept bulk data of users held by private companies, without suspicion of criminal activity, and to force companies to “maintain technical capabilities” that allow data collection through hacking and interception.
“If companies claim to offer end-to-end encryption, they should come clean if it is found to be compromised – whether through deliberately installed backdoors or security flaws,” said Jim Killock, executive director of Open Rights Group.
The civil rights group Liberty has received pledges of more than £40,000 through a crowdsourcing platform to support plans to challenge the lawfulness of bulk surveillance powers in the IP Act.
The crowdsourcing appeal quickly passed its initial target of raising £10,000 by 8 February 2017. At the time of writing, £44,910 of a new target of £50,000 had been pledged by 1,535 supporters.
Read more on Privacy and data protection
IT professionals wary of government campaign to limit end-to-end encryption
Tech companies risk being compelled by law to protect children, says online safety expert
Government funds charity campaign to warn big tech over the risks of encryption to children
European ‘chat control’ plans in the name of ‘child safety’ threaten end-to-end encryption