Encrypted backups cannot be accessed by WhatsApp or the backup service provider.
WhatsApp announced on September 10 that it will soon allow users to protect their message backups using end-to-end encryption. While WhatsApp already allows users to back up their message history via Google Drive and iCloud, they are currently secured by the cloud-based storage services.
🎉 WhatsApp is the leading global messaging service to offer *both* end-to-end encrypted messaging and backups on iCloud or Google Drive. 🎉
So you can make sure that bestie’s voice messages and mum’s secret recipe will be safely stored in a place only you can access.
— WhatsApp (@WhatsApp) September 10, 2021
Facebook says it created an all-new system for encryption key storage to make end-to-end encryption possible for backups on both Android and iOS. Once you enable end-to-end encryption, your backups will be encrypted with a unique, randomly generated encryption key. You can secure the key manually or with a password.
When you choose to use a password, the encryption key is stored in a Backup Key Vault that is “built based on a component called a hardware security module — specialized, secure hardware that can be used to security store encryption keys.” You can access the backup using your encryption key or your personal password to retrieve the key from the Backup Key Vault.
The encryption key will be rendered permanently inaccessible after a “minimal number” of unsuccessful attempts to access it. This, Facebook says, will help prevent brute-force attempts to retrieve the key.
ChatD, which is WhatsApp’s front-end service, will implement a protocol to send the encryption keys to and from the app’s servers. The contents of the encrypted messages, however, will not be accessible to ChatD. WhatsApp also clarifies that it will only know a key exists in the HSM, but not the key itself.
The HSM-based Backup Key Vault service will be located across multiple Facebook data centers to prevent outages and ensure that it operates reliably for over 2 billion WhatsApp users.
The feature will roll out to users on the best Android phones and iPhones over the coming weeks.
Nick, Ara, Michael Fisher, and Daniel ponder the Ray-Ban Stories, a collaboration with Facebook that includes cameras in a form barely different from a regular pair of Ray-Ban Wayfarer frames. Ara reports on the Lenovo Chromebook Duet 5 detachable, and the Fossil Get 6 is the first Wear OS smartwatch with Qualcomm’s Snapdragon Wear 4100+....
We expect the new Samsung Galaxy A52 will take home the crown for best cheap Android phone of the year. It’s the successor to the ultra-popular Galaxy A51 from last year that was actually Samsung’s best-selling phone over the course of the year. And why wouldn’t you want to keep one of the best Samsung...