Are your backup data secure?

The new backup protocol for Whatsapp messages was subjected to a comprehensive security analysis by a research team. One identified weakness can be resolved with a strong password.

Every day, people around the world exchange billions of messages using the Whatsapp messaging service. End-to-end encryption is used to ensure they are secure. However, until recently the automatic backups of chats did not enjoy the same level of security, as the personal key to the data stored in the cloud was known to the company. “Backups were safe from everyone apart from Whatsapp itself,” says Julia Hesse, a cryptographer from the IBM Research Institute in Zurich who has received funding from the SNSF.

This could also be why the messenger service launched a new backup protocol at the end of 2021, which Julia Hesse and researchers from ETH Zurich and the University of Wuppertal have now examined in detail. The study showed that the company itself is no longer able to access the backups.

A company vault without company access

To carry out the analysis, the team created a formal model that describes all the requirements for a secure backup system, such as the necessary key length. They then compared this ideal model with the actual protocol in use. They gathered the necessary information from a range of sources such as official documents published by Whatsapp and surveys among the employees who developed the new backup protocol. “We had to rely on the information provided by the company,” says Hesse. “However, I don’t see any reason for them not to tell the truth here.” After all, an additional – external – security review actually benefits the company.

With the new system, the copy of the key is no longer kept by the company as before, but is held on a separate extra-secure computing unit with storage the company has no access to, and where the code cannot be changed subsequently. Now, if a user loses their smartphone, they can use a password to recover the key themselves and restore their own chats. “It’s like the key is stored in a chest that can only be opened with the password,” Hesse explains.

Transparency protects – thanks to peer review

The protocol also protects the backup from “brute force” attacks, which keep trying passwords until they find the right one. “Even if a powerful attacker manages to gain control of the Whatsapp servers, the system would only allow them ten attempts, after which the key would be destroyed,” says Hesse. However, the data is then lost for the user too.

The researchers discovered a potential weakness in this function – in normal operation mode the system deletes old versions of the backup when a new version is created, such as when changing the password. According to Hesse, “an attack on Whatsapp or elsewhere could result in the old versions being retained, meaning that another ten attempts would be possible for each existing version”. But this loophole can be closed by choosing a strong password. “If, rather than taking their Swiss postcode, the user chooses eight characters with a special character, it doesn't matter whether the attacker has ten or two hundred goes.”

Doesn't publishing the security protocol including potential loopholes, as this study does, increase the risk of potential attacks? “Researchers are now confident that a formal, publicly accessible description of the protocol actually increases security,” states Hesse. It enables other specialists to look at everything again in detail or investigate new aspects. “It’s like a free peer-review process, which is a lot more valuable than if the company were to keep the protocol hidden away.”