WhatsApp Adapts Encryption to Protect Multiple Devices | Applications and Software

This Wednesday (14), WhatsApp announced a function that allows users to access their account on up to four devices at the same time. Long awaited by many people, the feature is in beta, which is understandable: it changes the structure of WhatsApp, so it needs to be well tested. One of the changes is in the end-to-end encryption.


WhatsApp on multiple devices (image: disclosure/WhatsApp)

How it is today

Currently, you can access WhatsApp on your cell phone and, as a complement, on the service’s website or even in its versions for Windows and macOS. But these options are just extensions. You can only communicate through them if WhatsApp is active on your cell phone at the time of use.

It’s very likely that you’ve already gone through the experience of using WhatsApp Web and realized that the service has suddenly gone offline. This issue occurs when synchronization with the cell phone that controls the account fails.

This can happen when the WhatsApp process is closed by the smartphone’s operating system, for example. That’s why simply reopening the application on the device makes WhatsApp Web work again.

If, on the one hand, this method allows the use of WhatsApp from the desktop in a less complex way, on the other, it brings possible inconveniences. The synchronization problem is one of them. Another is the connection limit: your mobile phone can be synced with only one external device at a time.

How the new WhatsApp architecture works

The new WhatsApp architecture is completely different, as it does not require a single cell phone to be the center of all communication. But no, this does not mean that the service will store messages on its servers to allow an account to be accessed by multiple devices.

All content received and sent by the user continues to be stored on their devices. The difference is that, in the current method, each account is identified using a unique key. In the new architecture, each device receives its own identification.

It is then up to WhatsApp servers to link each user’s account to the identities of all their devices.

An important detail: complementary devices can be tablets or computers, but not cell phones; at least for the time being, it is not possible to add another smartphone to the list of linked devices.

And security?

To prevent third-party devices from being linked to your account for malicious purposes, WhatsApp has taken a number of measures, such as the use of identity verification technologies.

Another is the QR Code requirement: just like WhatsApp Web, the user can only add devices to their account by reading a code generated on their main mobile phone.

In addition, it is possible to consult at any time the list of devices linked to the account, as well as the date and time of the last time they accessed it. From there, you can remove any associated device from the list remotely.

End-to-end encryption continues

With end-to-end encryption, the message leaves the cell phone encrypted and can only be decrypted on the recipient’s device. WhatsApp works like this even on the desktop: if you are using WhatsApp Web, for example, the message will be forwarded to your cell phone in an encrypted way and then sent to the recipient with end-to-end encryption enabled.

The before and after WhatsApp encryption (image: disclosure/WhatsApp)


As you already know, the multi-device architecture does not require the primary cell phone to centralize communication. Therefore, each synchronized device encrypts the message and sends it to both the user’s other devices and the recipient’s devices.
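The fan-out described above, sketched as an added example (this is not WhatsApp's code). X25519, HKDF-SHA256 and AES-256-GCM, the static pairwise key, and all device names are assumptions made for illustration; a real messenger would use ratcheting pairwise sessions instead.

```javascript
const crypto = require('node:crypto');

// Each device gets its own identity key pair (X25519 is an assumption here).
function newDevice(name) {
  return { name, ...crypto.generateKeyPairSync('x25519') };
}

// Pairwise key between two devices: X25519 shared secret run through HKDF-SHA256.
function pairwiseKey(myPrivate, theirPublic) {
  const secret = crypto.diffieHellman({ privateKey: myPrivate, publicKey: theirPublic });
  return Buffer.from(crypto.hkdfSync('sha256', secret, Buffer.alloc(32), 'fanout-demo', 32));
}

// Sender side: encrypt the same plaintext once per target device (AES-256-GCM).
// The server only ever relays these envelopes; it holds none of the keys.
function fanOut(sender, deviceList, text) {
  return deviceList.filter((d) => d !== sender).map((d) => {
    const iv = crypto.randomBytes(12);
    const key = pairwiseKey(sender.privateKey, d.publicKey);
    const c = crypto.createCipheriv('aes-256-gcm', key, iv);
    const body = Buffer.concat([c.update(text, 'utf8'), c.final()]);
    return { to: d.name, iv, body, tag: c.getAuthTag() };
  });
}

// Receiver side: only the addressed device derives the key that passes the GCM check.
function openEnvelope(device, senderPublic, env) {
  const key = pairwiseKey(device.privateKey, senderPublic);
  const d = crypto.createDecipheriv('aes-256-gcm', key, env.iv);
  d.setAuthTag(env.tag);
  return Buffer.concat([d.update(env.body), d.final()]).toString('utf8'); // throws on wrong key
}

// Constructed device lists: Alice has a phone and a laptop, Bob a phone and a tablet.
const alicePhone = newDevice('alice-phone');
const aliceLaptop = newDevice('alice-laptop');
const bobPhone = newDevice('bob-phone');
const bobTablet = newDevice('bob-tablet');
const deviceList = [alicePhone, aliceLaptop, bobPhone, bobTablet];

// Alice's laptop sends directly; her phone is just one more recipient of a copy.
const envelopes = fanOut(aliceLaptop, deviceList, 'hello');
```

A device removed from `deviceList` gets no envelope on the next send, so the accuracy of the device list is what decides who can read a message.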

In voice or video calls, the device that initiates the communication generates a set of 32-bit keys based on SRTP (Secure Real-time Transport Protocol) for each of the recipient’s devices.

When the recipient answers on any of them, the call starts encrypted (through SRTP). The SRTP key for the call is kept only for the duration of the conversation.

In the case of group calls, the WhatsApp server randomly chooses a participating device to generate the keys and sends them to the other devices. Keys are reset whenever a user enters or leaves the chat.

As there are no copies in the cloud, WhatsApp also uses end-to-end encryption to synchronize message history across all of the user’s devices. This procedure applies even to new devices: the primary device sends them an encrypted packet containing messages from recent conversations.

WhatsApp cross-platform beta

Does all this work to your satisfaction? That’s what the beta phase will show. But if you want to participate, you need to be patient (and lucky): for now, the tests are being done with a limited number of users.

There is still no forecast for the feature to be released to everyone.
