[HOT] : WhatsApp adds end-to-end encryption for backups
An end-to-end encryption option will be offered for users who decide to back up to Google Drive or Apple‘s iCloud.
On Android and iOS, the Facebook-owned WhatsApp messaging app will roll out optional end-to-end encryption for backups in the coming weeks. Backups can be sent to Apple’s Google Drive and iCloud cloud services. They allow a restoration of the history of discussions.
”WhatsApp does not have access to these backups, and they are secured by cloud storage services. With end-to-end encryption, neither WhatsApp nor the cloud service provider will be able to access the backup or the backup encryption key. ”
With manual key or password
Decryption of messages will require a 64-digit encryption key that can only be accessed by users manually or through the password verification system. For a password, the key will be stored in a Backup Key Vault based on a transactional black box (Hardware Security Module; HSM).
After unlocking with the associated password in WhatsApp, the HMS provides the encryption key that decrypts the backup present on Apple’s or Google’s servers. It becomes permanently inaccessible after a limited number of failed attempts to access it.
It is a security measure against brute force attacks. “WhatsApp will only know that a key exists in the HSM and will not know the key itself.” WhatsApp specifies that the HSM-based Backup Key Vault service will be distributed to several Facebook data centers distributed geographically around the world.
WhatsApp claims more than 2 billion users. ”WhatsApp is the first global messaging service of this scale to offer messaging and backups with end-to-end encryption, and achieving this has been a very difficult technical challenge that required an entirely new framework for key storage and cloud storage across operating systems, ”says Mark Zuckerberg, founder and boss of Facebook.
With Apple’s iMessages messaging service, the Cupertino group is in possession of the keys for encrypting backups.