Sorry Amber Rudd, WhatsApp encryption doesn’t work like that

Thomas Wellburn
March 27, 2017

Leading MP Amber Rudd is calling for a change on end-to-end encryption in the wake of the London terrorist attack that would see intelligence services snooping on peoples conversations. What Mobile is here to tell you; it’s not a simple of case of ‘letting people in’.

Last week, Khalid Masood committed a terrorist attack outside parliament in London. It left four dead and dozens injured. His primary source of communication throughout the whole incident was WhatsApp, leading MPs such as Amber Rudd to call for a clamp-down on encrypted messaging platforms. Speaking on the Andrew Marr show this Sunday, she was quoted saying that these applications must not provide a secret platform for terrorists to communicate. Rudd tried to put the blame entirely on WhatsApp despite still claiming to support end-to-end encryption. You can’t support end-to-end encryption but still expect WhatsApp to provide a backdoor; it just doesn’t work that way.

A Rudd awakening

The encryption within WhatsApp works by using keys to disguise data. When a message is passed through the server to the other persons device, these are used to encrypt the data. Aside from the public key used by WhatsApp themselves, every single device sending a message has it’s own private key. Each of these private keys is also exclusive to the conversation at hand, making snooping next to impossible. While there is a chance that these messages are backed up on the WhatsApp server, a snooper would need to know both the sender and recipients private keys to decipher the message. WhatsApp does not store this information. Theoretically, the only way to intercept such messages would be to install backdoor software on handsets which compromises the keys, though this would undoubtedly be deemed illegal and a breach or privacy. For Rudd to suggest such a statement would completely undermine the integrity of such a security measure… it can’t truly be end-to-end if you give access to those private keys.

You can’t support end-to-end encryption but still expect WhatsApp to provide a backdoor; it just doesn’t work that way.

Ex Prime Minister David Cameron has previously campaigned to get end-to-end encryption outlawed in the UK but thankfully, it didn’t go ahead due to obvious reasons. This principal method of hiding data is used in everything from banking to online transactions, which would’ve made the whole process very difficult. While you could in theory ban such encryption purely for messaging services, it wouldn’t have fixed the problem. We are entitled to our privacy and in an ever-growing world of digital media, such safe-guards against our data should be kept sacred. A small minority cannot ruin it for the majority.

The Blame Game

Going even deeper, it’s highly likely that the encryption wouldn’t have made a blind bit of difference to catching Masood. You can’t intercept messages from somebody who you’re not investigating. It has been reported many times in recent days that both MI5 and GCHQ had him on their radar but presumed he was ‘inactive’, meaning they weren’t really paying much attention. To intercept the messages two minutes before the attack and stop it would’ve been a pretty incredible feat of British Intelligence, so it’s likely that WhatsApp is being used a scapegoat to hide the fact they missed the boat.

About the Author

Share this article