Encryption in messengers

What is end-to-end encryption?

End-to-end, e2e for brevity means solely the sender and receiver will decipher the contents of the message. as a result of solely they need the keys to decipher. Third parties that intercept the message will, in theory, acknowledge is act with whom. As an example like in Ubicom FlashTok Messenger, within the case of encrypted email messages, the sender and recipient addresses ar recognized. However, the manager should guess or calculate the key to decipher the content. Fashionable cryptographical systems ar designed to be nearly not possible or take decades or a lot of.

What does it look like on WhatsApp?

Users of the current version of WhatsApp now communicate with each other e2e, in individual and group chats, when transferring images, videos, voice messages and files, as well as in WhatsApp conversations. You do not need to do anything else, the structure of the encrypted connection and the necessary key exchange take place completely in the background. But users can tell if the chat is encrypted or not. The latter can happen if the partner is still using an outdated version of WhatsApp. WhatsApp displays the start of encrypted chats at the transition stage, and also displays a lock icon in the settings of each chat, if it is encrypted.

In addition, WhatsApp users can make sure that they really communicate with their colleagues. Both have a so-called unique fingerprint, now called a WhatsApp security code. It consists of 60 digits that you need to read to each other over the phone. In addition, it can be represented as a QR code that users scan each other when they meet in person. Whoever uses the WhatsApp Threema alternative knows the principle.

If you really want to be careful, check the key comparison: in the settings you can specify that you will receive information about any changed security code. This is similar to this screenshot and occurs when a contact uses a new smartphone or reinstalls WhatsApp or when a third party tries to impersonate that contact.

In particular?

WhatsApp’s e2e is based on the so-called signal protocol, formerly called Axolotl protocol. Considered exemplary, the developers of Open Whisper Systems for cryptography expert Moxy Marlene Spike previously used it in the TextSecure and Signal messaging applications. The protocol is open source, so it can be verified by third-party experts and includes several strong cryptographic methods, including direct secrecy.

The latter means that WhatsApp uses short-term keys to protect each individual message. A supervisor who somehow registers and stores WhatsApp messages during transmission, and then receives a subscriber key, can neither decrypt old chats afterwards, nor future chats.

What does this WhatsApp user encryption protect against?
WhatsApp itself cannot decode what users write, send or say. Because the necessary keys are located exclusively on their terminals. Therefore, even criminals or special services, even if they somehow manage to penetrate the company’s systems, cannot decrypt messages. In addition, law enforcement agencies such as the WhatsApp FBI can no longer require editing chats.

What are the alternatives?

There are many messaging apps with e2e. Here are just a few of them: The signal is based on the same technology as WhatsApp, but is not connected to WhatsApp and its parent Facebook. Threema is actually not open source and currently costs only 2.49 euros for Android and 2.99 euros for iOS, but is well suited for testing and works as a cross-platform WhatsApp. The lesser-known Surespot is open source, free, and runs on iOS and Android. Telegram is popular, but the implementation of e2e is not in the opinion of critics.