WhatsApp Launches End-to-End Encrypted Chat Backups on Android and iOS
WhatsApp said in the coming weeks, it will release its end-to-end encrypted chat backups as an optional feature.
WhatsApp said in the coming weeks, it will release its end-to-end encrypted chat backups as an optional feature. It has long been said that WhatsApp is working on a feature that would secure your chat backups on Apple's Google Drive and iCloud using the end-to-end (E2E) encryption technique. End-to-end encryption is the same technique WhatsApp uses to safeguard all communications that take place on its platform. Reports in the past have detailed how this feature could be implemented. Now, months later, WhatsApp finally announced that it is rolling out end-to-end encrypted chat backups on its platform.
WhatsApp shared in a blog post announcing the news, "People can already backup their WhatsApp message history via cloud-based services like Google Drive and iCloud. WhatsApp does not have access to these backups, and they are secured by the individual cloud-based storage services...But now, if people choose to enable end-to-end encrypted (E2EE) backups once available, neither WhatsApp nor the backup service provider will be able to access their backup encryption key".
WhatsApp's new feature unlike the (E2E) technique, which it uses by default to protect all conversations on its platform, end-to-end encrypted chat backup is not a default feature. WhatsApp users must opt-in or enable this feature to ensure that their chat backups on Google Drive or iCloud are protected by the same encryption technology that the company uses to safeguard chats on its platform.
How E2EE Backups Work
WhatsApp says that to enable E2EE backups, it developed a new system for storing encryption keys that work with both iOS and Android. With this encryption system, chat backups will be encrypted with a unique randomly generated encryption key. Individuals can choose to protect the key manually or with a user password.
When a WhatsApp user opts for a password, the key is stored in a Backup Key Vault that is built on the basis of a component called a Hardware Security Module (HSM) - specialized, secure hardware that can be used to store securely. encryption keys. When the account owner needs to access their backup, they can access it with their encryption key, or they can use their personal password to retrieve their encryption key from the HSM-based Backup Key Vault and decrypt their backup. The HSM-based Backup Key Vault will be responsible for enforcing password verification attempts and making the key permanently inaccessible after a minimum number of unsuccessful attempts to access it.
This security system will provide protection against malicious hackers who attempt to use brute force techniques to crack passwords in an attempt to gain access to a user's chat backup. "WhatsApp will only know that there is a key in the HSM. He will not know the key itself, "WhatsApp explained.
When someone wants to recover their backup, they need to enter their password, which is encrypted and then verified by the backup key. Once verified, Backup Key Vault will send the encryption key to WhatsApp, which can then be used to decrypt the chat backup."Alternatively, if an account owner has chosen to use the 64-digit key alone, they will have to manually enter the key themselves to decrypt and access their backups," WhatsApp further added.WhatsApp settingswill offer both options, ie "Create a password" and "Use a 64-digit encryption key instead".