Technology is growing at a lightening speed. We live in a digitalization world where our data is digitized than ever before. We read daily news about sensitive records being stolen or hacked by someone. Someday has to step up and pull the strings else digital information and communication will be vulnerable to attack. To curb this maniac,end-to-end encryption will protect us from unguarded data.
What is Encryption?
It is the process of encoding messages or information in such a way that only authorized parties can read it. It does not of itself prevent interception but denies the message content to the interceptor. It is one of the important tools to promote safety and security in government offices ,public and private companies, and individuals in the world of digitalization.
Recently the discussion on encrypted data was hot topic , Read Apple v/s FBI , there has been a lot of debate over encrypted services and the work of law enforcement. It ensures to keep people safe and conscious efforts are made to keep away from cybercriminals and hackers.
The idea is simple: when you send a message, the only person who can read it is the person or group chat that you send that message to. No one can see that message. End-to-end encryption helps make communication via WhatsApp private – similar to a face-to-face conversation.
How does it work?
WhatsApp is using “The Signal Protocol”, designed by Open Whisper Systems,for its encryption.
It is said that once the session is established, clients do not need to rebuild a new session with each other until the existing session state is lost through an external event such as an app reinstall or device change. Client exchange messages which are protected with a Message Key using AES256 in CBC mode for encryption and HMAC-SHA256 for authentication. The Message Key changes for each message transmitted, and is ephemeral, such that the Message Key used to encrypt a message cannot be reconstructed from the session.” It also says that calls, large file attachments are end-to-end encrypted as well.
Users need to be on the same versions of WhatsApp to ensure that their chats get end-to-end encrypted. If you’ve recently updated the app, and you start a chat with someone else (also on the new version) you are likely to see a message saying, “Messages you send to this chat and calls are now secured with end-to-end encryption.
Once you tap on the message, WhatsApp has a pop-up menu explaining what end-to-end encryption means. Users can verify if the encryption is working as well. If a user taps on verify, they will be taken to a page with a QR code, followed by a string of 60 numbers.
Whenever you reinstall WhatsApp or change your number. The code changed notification pops up and you can verify with QR Code.
Click on Verify button , where you will get another window Verify security code with QR code and below 60 Digit number.
The QR code contains : –
- A version
- the user identifier for both the parties
- The full 32-byte public Identity Key for both the parties
The 60-digit number is computed by concatenating the two 30-digit numeric fingerprints for each user’s Identity key
When either user scans other’s QR code, the keys are compared to ensure that what is in the QR code matches Identity key as retrieved from the server. If the Identity key does not match it throws an error on top of the bar “You opened “Verify Security code ” for the wrong phone number. Open it for correct number to verify
Once the QR code matches Identity key with other users It gives green tick mark that says end-to-end encryption is activated
Also you can check in your friend’s list whether the conversation is encrypted or not.You will see lock symbol means end to end encryption is activated
Sit back,Relax and Enjoy your conversions, chats, calls, photo sharing, documents with all your friends and colleagues Now all your data is in safe hands
Do share your experience about new WhatsApp security and what more improvements you want to see in WhatsApp