[messaging] The downsides of no key verification

Jason A. Donenfeld Jason at zx2c4.com
Thu Jun 9 13:26:52 PDT 2016

Hi folks,

WhatsApp doesn't enforce any key verification, as we all know. I'm not
sure, however, that this behavior is well-known:

1. Alice and Bob converse over WhatsApp.
2. Alice drops her phone in a swimming pool.
3. Bob sends Alice a message, "lol looks like your phone went
swimming", which she doesn't receive, since her phone is now broken.
4. While Alice is drying off after the swim, Malory registers a new
instance (and thus new key) of WhatsApp and registers it with Alice's
number by hanging out on SS7 to intercept the SMS verification.
5. Bob's phone now automatically and invisibly *retransmits* and
*reencrypts* the "lol" message to Malory's new unauthenticated keys.

Perhaps the retransmission in step 5 isn't a very good idea.
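
The scenario above as a toy model of the sender's outbox, added here as an illustration and not part of the original post or any WhatsApp code. The `Outbox` class, the `block_on_key_change` switch, the fingerprint format and both keys are assumptions constructed for the example; it contrasts silent retransmission with holding undelivered messages until the new key is verified.

```python
"""Toy model of a sender's outbox when a contact's identity key changes."""
import hashlib
from dataclasses import dataclass, field


def fingerprint(identity_key: bytes) -> str:
    """Short digest a user could compare out of band (constructed format)."""
    return hashlib.sha256(identity_key).hexdigest()[:16]


@dataclass
class Outbox:
    block_on_key_change: bool                        # hypothetical policy switch
    trusted: dict = field(default_factory=dict)      # peer -> accepted fingerprint
    undelivered: dict = field(default_factory=dict)  # peer -> queued plaintexts

    def queue(self, peer: str, identity_key: bytes, text: str) -> None:
        """Trust on first use, then queue a message not yet acknowledged."""
        self.trusted.setdefault(peer, fingerprint(identity_key))
        self.undelivered.setdefault(peer, []).append(text)

    def on_new_key(self, peer: str, new_key: bytes) -> list:
        """Return the plaintexts that get re-encrypted to new_key."""
        changed = self.trusted.get(peer) != fingerprint(new_key)
        if changed and self.block_on_key_change:
            return []                               # hold until the user verifies
        self.trusted[peer] = fingerprint(new_key)   # silent acceptance (step 5)
        return self.undelivered.pop(peer, [])

    def verify(self, peer: str, new_key: bytes, confirmed_fp: str) -> list:
        """User compared fingerprints out of band; release only on a match."""
        if confirmed_fp != fingerprint(new_key):
            return []
        self.trusted[peer] = confirmed_fp
        return self.undelivered.pop(peer, [])


def replay(block: bool) -> list:
    """Steps 1-5 with constructed keys; returns what the new key receives."""
    alice_key, new_key = b"alice-original-key", b"key-of-new-registration"
    box = Outbox(block_on_key_change=block)
    box.queue("alice", alice_key, "lol looks like your phone went swimming")
    return box.on_new_key("alice", new_key)


if __name__ == "__main__":
    print("silent retransmit:", replay(block=False))
    print("blocking policy:  ", replay(block=True))
```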


