INTRODUCTION:It’s a best security project that’s taken around a year and a half to complete, but messaging giant WhatsApp has now fully implemented strong end-to-end encryption on its platform and across all mobile platforms for which it offers apps.
This means all users of the latest versions of the messaging app will have their communication and media end-to-end encrypted by default. And there are a lot of WhatsApp users; earlier this year the Facebook owned company announced it had passed a billion active users.Securing cross-platform video communications was the last piece of the puzzle, according to a WhatsApp spokesman.
The algorithms involved are: Diffie–Hellman key exchange or Elliptic curve Diffie–Hellman
CONCEPTS:End-to-end encryption means the content of communications are not stored in plaintext(simple text formate) on WhatsApp’s servers. Not is the any company that able to decrypt users’ messages to access them since it does not hold the encryption keys. So WhatsApp will be unable to be compelled to hand over messaging data even if served with a warrant by authorities demanding access.
While the WhatsApp news may seem timely in light of the recent high-profile battle between Apple and the FBI over an encrypted iPhone, the company has in fact been implementing encryption since 2013, the year NSA whistleblower Edward Snowden triggered a global privacy storm by revealing the extent of government mass surveillance programs.
WhatsApp then went on to partner with Open Whisper Systems the following year, and has been integrating its widely respected end-to-end encryption Signal Protocol specifically since late 2014. In a blog post today the not-for-profit hacker collective behind the latter open source tech confirmed the
WhatsApp implementation is now complete.
“This includes chats, group chats, attachments, voice notes, and voice calls across Android, iPhone, Windows Phone, Nokia S40, Nokia S60, Blackberry, and BB10,” it wrote. “Users running the most recent versions of WhatsApp on any platform now get full end to end encryption for every message they send and every WhatsApp call they make when communicating with each other.”
What is the "Verify security code" screen in my contact info/group info?
Each of your chats has its own security code used to verify that your calls and the messages you send to that chat are end-to-end encrypted.
NOTE: The verification process is optional and is used only to confirm that the messages you send are end-to-end encrypted.
This code can be found in the contact info/group info screen, both as a QR code and a 60-digit number. These codes are unique to each chat and can be compared between people in each chat to verify that the messages you send to the chat are end-to-end encrypted. Security codes are just visible versions of the special key shared between you - and don't worry, it's not the actual key itself, that's always kept secret.
IMPORTANT:End-to-end encryption is always activated, provided all parties are using the latest version of WhatsApp. There is no way to turn off end-to-end encryption.
HOW TO USE END-TO-END ENCRYPTION METHOD
To verify that a chat is end-to-end encrypted
1. Open the chat.
2. Tap on the name of the contact or group to open the contact info/group info screen.
3. Tap Encryption to view the QR code and 60-digit number.
If you and your contact are physically next to each other, one of you can scan the other's QR code or visually compare the 60-digit number. If you scan the QR code, and the code is indeed the same, a green checkmark will appear. Since they match, you can be sure no one is intercepting your messages or calls.
If the codes do not match, it's likely you're scanning the code of a different contact, or a different phone number. If your contact has recently reinstalled WhatsApp, or switched devices, we recommend you refresh the code by sending them a new message and then scanning the code.
If you and your contact are not physically near each other, you can send them the 60-digit number. Let your contact know that once they receive your code, they should write it down and then visually compare it to the 60-digit number that appears in the contact info screen under Encryption. For Android, iPhone and Windows Phone, you can use the Share button from the QR code/60-digit number screen to send the 60-digit number via SMS, email, etc.