WhatsApp denies encrypted messages can be intercepted
New York: WhatsApp has denied reports that encrypted messages on its platform can be read or intercepted, saying that since April 2016, WhatsApp messages and calls are end-to-end encrypted by default.
A security vulnerability that can be used to allow Facebook and others to intercept and read encrypted messages has been found within its WhatsApp messaging service, The Guardian reported on Friday.
“The Guardian’s story on an alleged ‘backdoor’ in WhatsApp is false. WhatsApp does not give governments a ‘backdoor’ into its systems. WhatsApp would fight any government request to create a backdoor,” said Brian Acton, Co-founder WhatsApp, in a Reddit post.
WhatsApp has published a technical white paper explaining its implementation of end-to-end encryption.
The security issue was detected by Tobias Boelter, a cryptography and security researcher.
“If WhatsApp is asked by a government agency to disclose its messaging records, it can effectively grant access due to the change in keys,” The Guardian quoted Boelter as saying.
WhatsApp said it was designed to be simple and they had built end-to-end encryption, with encryption as the default so that not a single one of their one billion users has to turn on encryption.
“The fact that WhatsApp handles key changes is not a ‘backdoor’, it is how cryptography works. Any attempt to intercept messages in transmit by the server is detectable by the sender, just like with signal, PGP, or any other end-to-end encrypted communication system,” said Moxie Marlinspike, who designed WhatsApp’s encryption, in a blog.