October 27, 2020

They discover a way to access WhatsApp backups

The end-to-end encryption system that protects the data of WhatsApp users, which in theory prevents anyone other than the sender or the receiver from accessing the information, has a back door that allows access stored backups on the Google Drive servers.

This has been assured by the Reddit user crawl_dht, who has explained the way it works the AES-GCM-256 encryption protocol, used by WhatsApp for years and also other platforms such as Zoom video calls.

AES-GCM-256 is an end-to-end encryption mode in which the data is encrypted by 256-bit keys that only the sender and receiver have. Without them it is not possible to know the content of the information exchanged, even if it goes through servers and the cloud, not even by its own developer.

However, according to the Reddit user, in the case of WhatsApp these keys are not created on the device itself -as happens in the Signal app- but they are generated in the application servers, from where they are sent to the user.

Every time the user accesses WhatsApp from a new device, the application receives the key to access the backup copies of the chats stored in Drive. These keys continue to be used later to encrypt the chats, until they are periodically restored by others, although they are generated again on the servers of the company, owned by Facebook.

In this way, a ‘back door’ is opened to the end-to-end encryption that WhatsApp promises, due to the fact that the previous encryption keys They are stored on servers for users who want to access their old backups.

In any case, this back door makes it necessary to have access to the linked Google account with the owner’s WhatsApp profile.

On previous occasions, WhatsApp has already reminded its users that no one, not even the company, has access to the chats nor to other data as to user calls thanks to end-to-end encryption, present both in its usual application and in WhatsApp Business.


Source link