Yaay ! Cheers to Facebook for bringing out encryption in WhatsApp messages. It was like in my 2nd year of undergrad where me and my friend Vaibhav researched on how to hack into whatsapp and read other peoples messages. Since at that time, WhatsApp didn’t have any encryption. All your messages till yesterday were sent in open text format. Yes, the text format of notepad.
Governments and other spying agencies used to enjoy our chats without much effort. Infact anyone could read your message if you are connected with a Wi -Fi network from his mobile phone. Yes, it’s possible but we not be going over there :p
No worries now, since we have got encryption. Woo Hoo !!
Now what happens to our messages. As WhatsApp have already told you that it’s an end to end encryption which means that no one can intercept your messages at any cost.
Well, the whole encryption saga for WhatsApp started around mid 2014. Open Whisper systems developed this encryption for WhatsApp (No, not Facebook devs). Open Whisper systems uses it’s open source software called TextSecure. It’s owned by Twitter by the way. Anyone can use this software if the developer is willing to put some security in his chatting application.
TextSecure uses a number of algorithms, obviously. The primitive or the base algorithms that are used are CURVE25519, AES256, HMAC-SHA256. Am sure all the engineering Computer Science undergrads have heard the terms AES and HMAC-SHA.
Well from these primitives, the double ratchet algorithm comes into place along with a 3DH Handshake. Normally, the AES is said to be one of the most toughest encryptions. So you can imagine the level of security given to your lovely messages now. But one aspect still makes we wonder. TextSecure has been designed not even to expose chats in screenshots. But if your chats are being captured, am sure it must have been tailored.
All we can say is that, go ahead and text worry free. But the threat still loombs. If you have ever read the terms and conditions of WhatsApp, then they indirectly say that they can access all of your texts. Well, that will apply even if you are under encryption. And also, if the government of a particular country wants to keep an eye of their citizens, they might just give the access to it. But consider yourself safe other than these cases :p