TECH

WhatsApp Adds End-To-End Encryption: Here's Why That's Important

06/04/2016 08:44

WhatsApp announced last night that it would now be adding end-to-end encryption to all of its communications.

That means every message, every image, every voice recording and WhatsApp call will now be fully hidden from hackers, and governments.

Bloomberg via Getty Images

Speaking via a blog update, WhatsApp founders Jan Koum and Brian Acton explained the importance of encryption in a climate where companies like Apple are taking on government agencies.

"Recently there has been a lot of discussion about encrypted services and the work of law enforcement" they wrote.

"While we recognize the important work of law enforcement in keeping people safe, efforts to weaken encryption risk exposing people's information to abuse from cyber criminals, hackers, and rogue states."

WhatsApp has over a billion users worldwide, and now joins a number of encrypted services including Apple's iMessage and the anonymous messaging app Telegram.

How do I get end-to-end encryption on WhatsApp?

Simple, you just download the latest version of WhatsApp on iOS, Android or Windows Phone.

For those of you with updates enables in the background you should now start seeing this message pop-up in each of your chats. It will only appear once.

WhatsApp

What is end-to-end encryption?

Since the public backlash to the government's new Investigatory Powers Bill in the UK and Apple's public battle with the FBI, privacy has come to the forefront of people's minds.

Leading that charge is encryption - a security feature which scrambles information allowing only the sender and the recepiant of the message to see whats been said.

Late last year we spoke to Richard Anstey, EMEA CTO at Intralinks who helped explain what end-to-end encryption actually is:

Right, what is end-to-end encryption?

End-to-end encryption is the jumbling of information using a 'magic key' to then decrypt it. What happens is that each party has a couple of keys, one which is public and one which is private.

So If I want to send something to you, I use your public key to encrypt it in a way that only your private key can decrypt it.

True end-to-end encryption is also known as 'Zero Knowledge' which means that the middle party (Apple, Facebook) have zero knowledge of the information contained within the message.

Can anyone other than the recipient read an end-to-end encrypted message?

No, not if you're using Zero Knowledge. However there are arguments that say if you used all the computing resources currently available in the world how many millions of years would it take to encrypt it etc. Put simply the strength of encryption now means it's just not feasible.

OK, so what could companies/governments do to then read our messages?


They would have to change the way in which the system works, you could use a weaker encryption algorithm, or they could grab everybody's private keys. This is what's known as a 'back door'

Apple could simply tell iMessage to start collecting the private keys on everyone's phone, but then that would be changing the way the system works.

This would essentially mean you're still getting end-to-end encryption but you're removing the 'Zero Knowledge' aspect of it, which in turn makes the whole exercise fairly pointless.

Suggest a correction
Comments

CONVERSATIONS