[messaging] Second thoughts on WhatsApp encryption
Nadim Kobeissi
nadim at nadim.computer
Fri Nov 21 07:36:51 PST 2014
On Fri, Nov 21, 2014 at 10:15 AM, Joseph Bonneau <jbonneau at gmail.com> wrote:
>
> On Fri, Nov 21, 2014 at 10:06 AM, Nadim Kobeissi <nadim at nadim.computer>
> wrote:
>>
>> You can actually get around the need to trust WhatsApp as a centralized
>> key directory (by implementing a simple form of key authentication (QR
>> codes, fingerprints, etc.)), but that wouldn't solve the problem. The issue
>> here is that even if key authentication is implemented, WhatsApp servers
>> still retain the capacity to selectively disable encryption on a case by
>> case basis.
>>
>
> If you trust the app (verified build, etc.) then the app will tell you
> you're communicating in non-encrypted mode. If you don't trust the app,
> then the app can show you one fingerprint and encrypt with another (or not
> at all), so independent verification of key fingerprints also won't help.
>
Except that even a deterministic build of the app right now wouldn't show
you anything regarding encryption status!
I do get your point. But the server having so much control, in my view,
still interferes, even with deterministically-built clients, to a degree
that definitely warrants it being its own "third challenge." It means that
I can compile from source, authenticate, and still have my encryption
quietly disabled when I fly to Thailand/Saudi Arabia. This is a third
challenge that you can address with a combination of client-side checks and
UI, but it still gives servers too much power.
>
> I should have said "assuming a trusted app and a means of independent key
> verification" then the ability to disable encryption isn't any worse. So
> we're back to the 2 main challenges either way.
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://moderncrypto.org/mail-archive/messaging/attachments/20141121/24883a4a/attachment.html>
More information about the Messaging
mailing list