The two billion people who use Whatsapp will soon be able to encrypt the backups of the message history end-to-end. The function is to be introduced in the coming weeks for Androd and iOS and also back up those backups that are already stored on the servers of Google Drive and Apple’s iCloud.
WhatsApp assures that it has no access to these backups and explains that these are backed up by the respective cloud-based storage services. With encryption, they can no longer be read by anyone except the respective user without a key.
Whatsapp users can choose whether to encrypt the backup or not. If you decide to do so, you can choose whether you want to write down the 64-digit encryption key yourself and keep it or secure it with a user password on a Whatsapp server. In the second case, the key is stored in a backup key vault based on a hardware security module (HSM). This is specialized hardware that can be used to securely store encryption keys, Whatsapp mother Facebook explains in a white paper (PDF).
Encryption since 2016
If WhatsApp users want to access their backup, they can, depending on the method chosen, access it with their encryption key or use the password to retrieve the encryption key from the HSM-based Backup Key Vault and decrypt the backup.
Whatsapp introduced end-to-end encryption for communication in 2016, as the first platform-independent and mass-market communication service. Private conversations are not only accessible from the operator, but also from the secret services and other state organs. The encryption procedures are documented and were considered state-of-the-art in the crypto community at the time.
(anw)
