Transcription
WhatsApp End-to-End Encryption:Are Our Messages Private?Research project by:Pavlos LontorfosTom CarpaijSupervisors:Ruben De VriesSoufiane el Aissaoui1
Introduction2
Introduction 1.5 billion users“Black box” applicationSecurity vs. end-to-end encryptionCan we trust Facebook's claim of End-to-Endencryption?3
Research questionsIs user-to-user message exchange via WhatsApp End-to-Endencrypted? What are the algorithms used to create the Signal protocol?What are the differences between Signal and WhatsApp network traffic?To what extent are WhatsApp messages encrypted to the Signal protocolspecifications?4
Literature review Breach of End-to-End encryption in group messages [1]Non-blocking WhatsApp implementation [2]Voicemail account verification hijack [3]Signal protocol papers [4] [5]WhatsApp End-to-End encryption implementation whitepaper [6]Formal proof of Signal protocol security [7]5
Background: Extended Triple Diffie-Hellman (X3DH)X3DH illustration. From Open Whisper Systems, by Marlinspike and Perrin, 2016.Retrieved from https://signal.org/docs/specifications/x3dh/6
Background: Single ratchet algorithmSingle ratchet illustration. From Open Whisper Systems, by Perrin and Marlinspike , 2016.Retrieved from et/7
Background: Double ratchet algorithmDouble ratchet illustration. From Open Whisper Systems, by Perrin and Marlinspike , 2016.Retrieved from et/Set3 2.png8
Blocking-Non blocking mechanismSignal: Blocking Mechanism No message retransmissionSmaller User BaseSecureWhatsApp: Non-blocking Mechanism Messages are retransmittedFriendly user experience/ convenienceSecurity issues - Attack scenario9
MethodsAssumptions made: If Signal is implemented correctly, the protocol is secureSignal Application implements their protocol correctlyWhatsApp is proprietary softwareAndroid version was analyzed. Protocol implementation remains the samefor IOSLatest available version of WhatsApp(2.18.380) and Signal(4.32.8)10
Experiments11
Experiment: Traffic comparison12
Results: Traffic comparison13
Experiment: Packet decryption14
Results: Packet decryption15
Results: Packet decryption16
Results: Packet decryptionUnfortunately no packets captured from WhatsAppNoise Pipes : Custom protocol instead of TLSBurp Suite couldn’t recognise those packets17
Experiment: Basic blocking18
Experiment: Basic blocking19
Experiment: Basic blocking20
Experiment: Basic blocking21
Experiment: Basic blocking22
Experiment: Basic blocking23
Experiment: Basic blocking24
Results: Basic blocking25
Experiment:Sender offline blocking26
Experiment:Sender offline blocking27
Experiment:Sender offline blocking28
Experiment:Sender offline blocking29
Experiment:Sender offline blocking30
Results: Sender offline blocking31
Experiment:Sender offline blocking32
Experiment: Sender offline blocking33
Results: Sender offline blocking34
Experiment: Sender migration blocking35
Results: Sender migration blocking36
Discussion We expected the traffic of both applications to be more similarDecryption could verify the correct use of the Signal protocol37
Future work Key extraction and message decryption (reverse engineering)Phone call verification abuseMetadata collectionWhatsApp, Instagram and Messenger integration38
Conclusion What are the algorithms used to create the Signal protocol?What are the differences between Signal and WhatsApp networktraffic?To what extent are WhatsApp messages encrypted to the Signalprotocol specifications?Is user-to-user message exchange via WhatsApp end-to-endencrypted? Probably yes39
References [1] P. R ̈osler, C. Mainka, and J. Schwenk, “More is less: On the end-to-end security ofgroup chats in signal, whatsapp, and threema,” 2018. [2] M. Marlinspike, “ There is no WhatsApp ’backdoor’),” 2017, last accessed 22 January2019. [Online]. Available: oor/ [3] M. Vigo, “Compromising online accounts by cracking2018, last accessed 21 January 2019. [Online]. ker/ [4] K. Cohn-Gordon, C. Cremers, B. Dowling, L. Garratt, and D. Stebila, “A formal securityanalysis of the signal messaging protocol,” in Security and Privacy (EuroS&P), 2017 IEEEEuropean Symposium on. IEEE, 2017, pp. 451–466. [5] WhatsApp, “Whatsapp encryption overview,” April 5, 2016, p. 12.voicemail systems),”40
WhatsApp is proprietary software Android version was analyzed. Protocol implementation remains the same for IOS Latest available version of WhatsApp(2.18.380) and Signal(4.32.8) 10