On Tuesday, WhatsApp announced that it’s implementing end-to-end encryption, an upgrade to its privacy protections that makes it nearly impossible for anyone, even the company itself, to read users’ messages. WhatsApp will integrate the open-source software TextSecure, created by privacy-focused non-profit Open Whisper Systems, which scrambles messages with a cryptographic key that only the user can access and that never leaves his or her device.
TextSecure allows users to send text messages, documents, photos, videos, contact information, and group messages over Wi-Fi, 3G or LTE to other TextSecure users, thus providing an alternative to text messaging for users with smartphones running Android 2.3 or later. TextSecure can use SMS/MMS to communicate with non-TextSecure users. Messages that have been sent via SMS/MMS and messages that have been sent via the user’s data connection can be distinguished by color. Green text bubbles indicate SMS-based communication and blue text bubbles indicate communication over a data connection. By default, TextSecure will send the messages over the user’s data connection if possible. This means that if the user sends a message to another registered TextSecure user, there is no SMS charge associated with the message. It is merely treated as an additional data transfer. If the data connection is unavailable, the application will fall back to using SMS/MMS to transport the message.
TextSecure has actually already been quietly encrypting WhatsApp messages between Android devices for a week. The new encryption scheme means WhatsApp messages will now travel all the way to the recipient’s device before being decrypted, rather than merely being encrypted between the user’s device and WhatsApp’s server. The change is nearly invisible, though Marlinspike says WhatsApp will soon add a feature to allow users to verify each other’s identities based on their cryptographic key, a defense against man-in-the-middle attacks that intercept conversations. “Ordinary users won’t know the difference,” says Marlinspike. “It’s totally frictionless.”
In its initial phase, though, WhatsApp’s messaging encryption is limited to Android, and doesn’t yet apply to group messages, photos or video messages. Marlinspike says that WhatsApp plans to expand its TextSecure rollout into those other features and other platforms, including Apple’s iOS, soon. He wouldn’t specify an exact time frame, and WhatsApp staffers declined to comment on the new encryption features. Marlinspike says the TextSecure implementation has been in the works for six months, since shortly after WhatsApp was acquired by Facebook last February.
WhatsApp’s Android users alone represent a massive new user base for end-to-end encrypted messaging: WhatsApp’s page in the Google Play store lists more than 500 million downloads. TextSecure had previously been installed on only around 10 million gadgets running the CyanogenMod variant of Android and about 500,000 other devices.
WhatsApp’s rollout of strong encryption to hundreds of millions of users may be an unpopular move among governments around the world, whose surveillance it could make far more difficult. WhatsApp’s user base is highly international, with large populations of users in Europe and India.