One of the most contentious issues between messaging platform WhatsApp and the Government of India in recent months has been regarding the end-to-end encryption technology which WhatsApp uses to ensure that messages between two parties can be read only by them. The Government of India on the other hand wants the messaging platform to trace the origin of messages which may create a law and order situation. WhatsApp has said that the ability to trace messages would mean breaking the end-to-end encryption of chats which would severely undermine the privacy of billions of people who communicate digitally. WhatsApp has now announced that it would encrypt chat backups as well.
WhatsApp on Friday announced that is planning to give people the option to protect their WhatsApp backups using the end-to-end encryption technology. At present, users have the ability to backup their WhatsApp chats through cloud based services like Google Drive and iCloud. These backups are then secured by individual cloud-based storage services and WhatsApp does not have any access to these backups.
How will End-to-End Encrypted Backups work?
As the users will enable end-to-end encrypted backups, the backups will be encrypted with a unique, randomly generated encryption key. Users will then have the option to secure the key manually or with a user password. If the user opts for a user password, then the key will be stored in a Backup Key Vault which is based on a component called a Hardware Security Module (HSM), a specialised secured hardware that can be used to store encryption keys securely. Upon being encrypted, a backup can then be stored off device to iCloud or Google Drive.
If the user needs access to their backup they can use their personal password and retrieve their encryption key from the HSM - based Backup Key Vault and decrypt their backup. The HSM - based Backup Key Vault provides protection against brute-force attempts and renders the key permanently inaccessible after a limited number of unsuccessful attempts.
Alternatively, if the user has not opted for a user password but opted for the manual 64-digit key alone, then they will have to manually enter the key themselves to decrypt and access their backups.
How secure is the HSM - based Backup Key Vault?
WhatsApp has its front-end service called ChatD which handles client connections and client-server authentication. ChatD will implement a protocol that sends the keys to backups to and from WhatsApp servers. The client and HSM-based Backup Key Vault will then exchange encrypted messages, the contents of which will not be accessible to ChatD itself.
"WhatsApp will know only that a key exists in the HSM. It will not know the key itself," WhatsApp said in its announcement note.
Also, to ensure that the system is always available, the HSM-based Backup Key Vault service will be geographically distributed across multiple data centers to keep it up and running in case of a data center outage.
End-to-End Encrypted backups will be available on iOS and Android in the coming weeks.