you know matrix chat? it’s supposed to be end-to-end encrypted. the same goes for whatsapp and other chat applications.

(technical note: if alice wants to send a message to bob with end-to-end encryption, then alice signs the message with her private key and bob’s public key. then bob can read the message with alice’s public key and his private key. so bob knows that the message actually comes from alice, and nobody can read it but bob.)

here’s the problem: the public keys are all stored on someone else’s (3rd party) server. for whatsapp, they’re stored on whatsapp’s server. so if bob gets a message from alice, he has to read that message with alice’s public key, but he gets the key from whatsapp’s server. so whatsapp can do a man-in-the-middle attack quite easily by giving out a fake alice’s public key.

actual effective end-to-end communication is only possible if alice and bob exchange public keys in real life. this circumvents a 3rd party server. and this is what needs to be implemented in chat applications such as matrix chat. (you can pass the public key with a QR code or sth like that)

  • TheDarkQuark@lemmy.world
    link
    fedilink
    arrow-up
    4
    ·
    3 days ago

    For anyone else like me who didn’t understand on a first read what OP is saying (it’s not you OP, it’s me; I am a single brain celled organism):

    Say Alice has generated keys pub_a and priv_a. Bob generated keys pub_b and priv_b and Bob has the unencrypted message msg_b.

    We assume:

    # Bob encrypts with Alice's public key
    enc_b = pub_a(msg_b)
    
    # Alice decrypts with her private key
    priv_a(enc_b) = msg_b
    

    Now, let’s say WhatsApp has generated keys pub_w and priv_w.

    # WhatsApp reads the unencrypted message
    enc_b1 = pub_w(msg_b)
    msg_b = priv_w(enc_b2)
    
    # And then re-encrypts it with Alice's public key
    enc_b2 = pub_a(msg_b)
    msg_b = priv_a(enc_b2)
    

    I just did a quick search, and found that you can verify the public key fingerprint. In WhatsApp, it is via the chat settings window -> Verify Security Code.

    I also found this white paper: https://www.whatsapp.com/security/WhatsApp-Key-Transparency-Whitepaper.pdf

    Although, I have to admit I didn’t read it yet (may be I’ll read it sometime later).

    Thinking about it, I agree that the best way would be sharing public keys over a different trusted channel unrelated to the main service.