Colin Mc Hugo

0 %
Colin Mc Hugo
Security Engineer Manager & CEO at Quantum Infinite Solutions Group Ltd.
  • Residence:
  • County:
  • Country:
Cyber Security Incident Response
Management & Architecture of Cyber Security Teams
Solutions & Coaching
  • Cyber Security Incident Response
  • Management & Architecture of Cyber Security Teams
  • Solutions
  • Training & Coaching

WhatsApp announces end‑to‑end encrypted backups

September 15, 2021

The Fb-owned messaging service plans to roll out the characteristic to each iOS and Android customers within the coming weeks.

Whereas customers already had the choice to again up their message historical past utilizing cloud-based companies, they may quickly be capable to retailer their backups end-to-end encrypted (E2EE), WhatsApp has announced.

The introduction of the brand new characteristic signifies that customers gained’t need to solely depend on the safety measures carried out by their cloud-storage suppliers however can safe their backups together with the contents of their chats earlier than they add them to the cloud.

“To allow E2EE backups, we developed a wholly new system for encryption key storage that works with each iOS and Android. With E2EE backups enabled, backups will probably be encrypted with a singular, randomly generated encryption key. Folks can select to safe the important thing manually or with a consumer password,” reads WhatsApps’s weblog saying the much-desired characteristic.

If the consumer chooses to go along with the password the important thing will then be saved in Backup Key Vault which is constructed round a element referred to as {hardware} safety module (HSM) – a {hardware} system used to guard and retailer digital encryption keys. In its whitepaper, the Fb-owned messaging platform describes its HSM-based Backup Key Vault as being akin to protected deposit packing containers provided by conventional banks. As soon as customers have to entry or restore their backups they will use the password they created to retrieve the important thing that has been saved within the HSM-based Backup Key Vault and proceed to decrypt their backup.

“The HSM-based Backup Key Vault will probably be accountable for implementing password verification makes an attempt and rendering the important thing completely inaccessible after a restricted variety of unsuccessful makes an attempt to entry it. These safety measures present safety towards brute-force makes an attempt to retrieve the important thing. WhatsApp will know solely {that a} key exists within the HSM. It is not going to know the important thing itself,” the messaging platform stated, elaborating on the security measures it has put in place.

The choice to utilizing a password for accessing and decrypting their backups is utilizing a 64-digit encryption key. Nevertheless, memorizing a 64-digit encryption secret is simpler stated than performed, so customers will most likely need to both maintain a document of it someplace (which isn’t actually a protected selection) or resort to storing it in a password manager.

WhatsApp stated that the end-to-end encrypted backups ought to be rolled out to each iOS and Android over the upcoming weeks.

Posted in SecurityTags:
Write a comment