WhatsApp automates cryptographic verification of user accounts – Computer

Fb headquarters: Hey no one checks the cryptographic keys we ship them from our servers. We have to make this simpler. Let’s make public which individuals all have WhatsApp and go their keys, after which everybody’s WhatsApp app can obtain that information from our servers to be completely certain!

Profit: folks really feel safer
Benefit: media consideration
Cons: it does not do something

(I’ve not delved into the gadget keys, that is in regards to the computerized verification that the Tweakers headline reveals off.)

Their weblog put up takes you to a GitHub repository the place the readme hyperlinks to a paper SEEMless: Safe Finish-to-Finish Encrypted Messaging with much less belief. “we formalize the notion of [zo’n key directory]: a system which permits customers to watch the keys that the service is distributing on their behalf“. So it’s particularly about that the one who owns the important thing also can test whether or not the proper key’s issued. However what one particular person receives doesn’t should be the identical as what the opposite particular person receives in response from the listing server. When you have the identical IP handle and no different metadata is shipped alongside, it turns into tough for the attacker to distinguish, however aside from the unintentional moments if you find yourself on the identical WiFi with somebody, that isn’t the case Or if you’re, the attacker sends again a response “the service is quickly unavailable”. I can hardly think about that WhatsApp would then block it or difficulty a warning, however anyway this example solely applies when the attacker can not know which gadget is requesting so even when they implement it accurately it often does not matter.

It appears so ineffective that I ponder if I am getting it proper. Studying deeper into that publication, nonetheless, I see precisely the issue cited and the answer confirmed as being “properly then the particular person whose key it’s ought to hold asking Fb which key they uploaded”:

we count on the server to have the ability to show to Bob that he’s seeing Alice’s newest key [..] That is trivial to attain if we assume that Alice can all the time signal her new public key along with her outdated secret key. However this can be a fully unreasonable assumption from a median person who could lose her gadget or re-install the software program, thereby dropping her earlier secret key; the person will solely have entry to her newest secret key which is saved on her newest gadget. It’s essential to not assume that Alice or Bob can bear in mind any cryptographic secret. Below this constraint, we’d like Alice to watch her key sufficiently usually to verify her newest key’s within the server listing. Solely then, we will speak about Bob getting Alice’s newest key in a significant means.

For somebody who performs alongside at residence and reads on: the publication then says “The server [publishes updates] in batches, and publishes a dedication to the present state of the database com and proof Π Upd {that a} legitimate replace has been carried out“, however how does that assist? The server indicators the replace with its personal key. The definition of end-to-end encryption is “a system of communication the place solely the customers speaking can learn the messages.” Not the server however solely the customers. In concept, it’s, till the server unilaterally decides to step in with out person intervention. (See additionally the query elsewhere in these feedback about whether or not a decide can order that they wish to learn alongside. Here is your methodology. You then don’t have any historical past, however you do have the chat any more.)

TL;DR: You do not belief a cryptographic path, you do not belief something the events bear in mind when a cryptographic path will not be accessible, however you belief the server to be honest to each events.

Additionally recognized from Keybase, who say that the chat is end-to-end encrypted however you simply cannot test it. You simply should belief the server to be sincere with each events.

[Reactie gewijzigd door Lucb1e op 13 april 2023 21:08]

Cookie	Duration	Description
cookielawinfo-checkbox-analytics	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checkbox-functional	11 months	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checkbox-necessary	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-others	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-performance	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy	11 months	The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.