WhatsApp announced on Friday that it will provide end-to-end encrypted conversation backups in the cloud for Android and iOS users, allowing users to store information such as chat messages and photographs in a cryptographically safe manner in Apple iCloud or Google Drive.
The functionality, which will be available to all of WhatsApp’s two billion users in the coming weeks, is expected to work exclusively on the principal devices associated with their accounts, rather than secondary devices such as desktops or laptops that just reflect WhatsApp’s content on phones. While the Facebook-owned messaging platform enabled end-to-end encryption (E2EE) for personal messages, calls, video chats, and media between senders and recipients as early as April 2016, the content — should a user choose to back up on the cloud to enable the transfer of chat history to a new device — was not protected until now.
WhatsApp established an HSM (Hardware Security Module) based Backup Key Vault with the launch of end-to-end encrypted backups to securely store per-user encryption keys for user backups in tamper-resistant storage, assuring enhanced security of users’ message history, according to a whitepaper. It continues, “With end-to-end encrypted backups enabled, the client encrypts the chat messages and all messaging data (i.e. text, photographs, videos, etc) that is being backed up using a random key created on the user’s device before saving backups in the cloud.”
To that end, the key used to encrypt the backup is protected by a user-supplied password that is saved in the vault for easy recovery if the device is lost or stolen. Users can also provide a 64-digit encryption key instead of a password; however, the encryption key will have to be manually saved in this case because it will no longer be transferred to the HSM Backup Key Vault. When an account owner needs to access their backup, they can do so by entering their password or 64-digit key, which is then used to acquire the encryption key from the backup key vault and decrypt their backups.
The vault is geographically distributed across five data centres and is also in charge of enforcing password verification and rendering the key permanently inaccessible after a set number of unsuccessful attempts is exceeded, preventing malicious actors from using brute-force attacks to recover the key.
Unencrypted cloud backups have been a serious security flaw that has allowed law enforcement agencies to access WhatsApp messages in order to obtain incriminating evidence for criminal investigations. As a result of this escape route, Facebook is once again at odds with governments throughout the world, who have slammed the company’s move to implement E2EE across all of its services.
Since then, Facebook has used E2EE for Messenger’s Secret Conversations, and the feature has recently been expanded to include voice and video calls. In addition, the social media behemoth plans to test E2EE for Instagram direct messages in a restricted capacity.