In early April, WhatsApp, an online messaging service with more than a billion users, announced that they added “end-to-end” encryption to every form of communication on the service. This means WhatsApp’s server now acts as an illiterate messenger, passing along messages that it cannot itself decipher. 1 Because of this newly adopted technology, WhatsApp is unable to disclose the texts of its customers’ messages to any third parties, including authorities like the Federal Bureau of Investigation (FBI). WhatsApp’s encryption technology works by using public key encryption.
Public key encryption is founded on basic encryption. To encrypt something means to use an algorithm, a series of well-defined steps that can be followed as a procedure, to convert information a sender wishes to transmit to a receiver (referred to as plaintext), into unreadable, meaningless cipher text (the encrypted result of the original plaintext) 2 To comprehend the message, the recipient then needs a key to decrypt the unreadable cipher text, transforming the garbled data into its original form.3 Just like the key to the lock of your house limits access to your home, a key to an algorithm determines who can have access to the encrypted message. Therefore, a key is a crucial piece of information, a parameter, that determines the functional output of the algorithm. Without it, the cipher text cannot be decrypted, and the data is meaningless.
WhatsApp’s end-to-end encryption provides added protection by adopting a system of communication in which only the communicating users can read the messages. In principle, it prevents potential eavesdroppers—including WhatsApp itself—from being able to access the keys needed to decrypt the conversation. 4 This varies significantly from the encryption used by Facebook’s messaging app, Facebook Messenger. Facebook Messenger encrypts your messages through part of their journey. A user types a message using the app, and hits send. The message is encrypted, so an outside user attempting to intercept the message during transmission. Facebook receives the message, decrypts it, and stores it on their server. It is then re-encrypted and sent to your recipient, where it is decrypted again. Even with this partial-path encryption, your messages are stored in plaintext on Facebook’s server, and the company has the keys to the encryption used. 5 The company can access your messages, and, if they are compelled to provide them to the government or if the company is hacked, others can access that information as well. 6 In WhatsApp’s end-to-end encryption, the key to the encryption is known only by the sender and the recipient, and the message is not decrypted when it is stored on WhatsApp’s server. It is fully encrypted and inaccessible to WhatsApp or any other user who might gain access to that server. 7 This is arguably the most secure method of securing user communications and is all due to public-key encryption. 8
Public key encryption is also known asymmetric encryption, as it uses two different but mathematically related keys instead of only one (“symmetric encryption”). 9 To better understand the concept of public key encryption, let us first compare it with symmetric encryption. Imagine Tom has a box with an ordinary lock, a lock with only one key. Only Tom or someone else with a copy of his key can open the box. That’s symmetric encryption: you have one key, and you use it to encrypt (“lock”) and decrypt (“unlock”) your data. 10 Now, let us see how asymmetric or “public-key” encryption works. Suppose Tom has a box with a special lock that has two separate keys. The first one can only turn the lock clockwise (0-5-10) and the second one can only turn it counter-clockwise (10-5-0). 11 Tom keeps the first key to himself, so this is his “private key.” Then, he makes many copies of the second key and gives them to whoever wants to send him documents, such as his family, friends, colleagues, etc. Because it is shared with the public, this second key is his “public key.” Now, if a confidante wants to send him a very personal document, she would put the document in the box and use a copy of the public key Tom gave her to lock it. The public key only turns anticlockwise, so she turns it from 10 to 5 to 0. Now, the box is locked. The only key that can turn from 0 to 5 to 10 to unlock it is Tom’s private key, which he has kept for himself. 12 That box is comparable to public key encryption scheme: Everyone who has the recipient’s public key can put documents in the recipient’s box, lock it, and know that the only person who can unlock it is the recipient, the only person who has the one private key. 13 Another way to think of the public key encryption system is to think it as the blue USPS mailing box sitting outside a post office. There is a door that anyone can open to insert mail, but the door only works in one direction Once the mail is in the mailbox, that door cannot be used by anyone else to get any mail back out. Instead, there is a second door secured by a key that only the postman has, which he uses to get all the mail back out. This is roughly analogous to an asymmetric-key system. The public key is freely available and allows anyone to send a message to the recipient in a secure manner. Nobody else, including other individuals using the mail system to send their own messages, can see what was sent. Only the recipient, with the private key, can get those messages back out and read them. 14
In a public key encryption scheme, the public key is required to encrypt the message, but, it does not need to be kept as a secret. Although the private key still needs to be stored securely, the advantage is that the encryption can occur without the private key. This means the private key never needs to be transferred and thus there is no chance that it can be intercepted by a third party. Thus, public-key encryption is convenient in that it does not require the sender and receiver to share a common secret to communicate securely.
Other than securely delivering messages, public key encryption is also widely used for “digital signatures.” 15 Suppose Tom puts a document in his special box. He uses his private key to lock the box, turning the key clockwise from 0 to 5 to 10. Someone delivers this box to his best friend, Sarah, and tells her the box is from Tom. She tries Tom’s public key on it, and the box opens. This can only mean one thing: the box was locked using Tom’s private key, the one that only Tom has. So now she can believe the messenger and know that no one else but Tom put the document in the box. In other words, Tom “digitally signed” the document. 16 Therefore, public key encryption system generally serves two functions: (1) If anyone encrypts (“locks”) something with the recipient’s public key, only the recipient can decrypt it (“unlock”) with his secret private key; and (2) if the sender encrypts (“locks”) something with his private key, anyone can decrypt it (“unlock”), but this serves as a proof that the sender encrypted it – it’s “digitally signed” by the sender. 17
Although public key and private key are related, the way the key pair are generated makes it virtually impossible to deduce the private key from the public key. The algorithms that the encryption is based use a mathematical expression built on the multiplication of two large prime numbers (a number that is the product of only 1 and itself). For example, the following numbers are the product of two prime numbers:
|15||=||3 x 5|
|77||=||7 x 11|
|221||=||13 x 17|
Essentially, the public key is the product of two randomly selected but extremely large prime numbers, and the private key is the two primes themselves. The algorithm encrypts data using the product and decrypts it with the two primes, and vice versa. This algorithm is secure because of the great mathematical difficulty of finding the two prime factors of a large number, and of finding the private key from the public key. 18 This is difficult because the only known method of finding the two prime factors of a large number is to check all the possibilities one by one, which is not practical due to the number of prime numbers. For example, there are about 3,835,341,275,459,350,000,000,000,000,000,000,000 different prime numbers in a 128-bit public key. That means that even with enough computing power to check one trillion of these numbers a second, it would take more than 121,617,874,031,562,000 years to check them all. That is about 10 million times longer than the universe existence of the universe. 19 If a user has the private key it adds enough information to the puzzle so that there is only one solution. It is like having a prize behind millions of doors; if you know which door the prize is behind, you can find the prize in no time. Without this information, the only remaining option is to try every door or choose one at random. 20
Therefore the two keys are closely related to each other, but it’s practically impossible to deduce the private key from the public key alone. In the current digital age, for companies to be confident that their electronic transactions can be carried out securely, effective security will be a consistently evolving challenge. Public key encryption, although might not be perfect, provides a sufficient solution. 21 It helps ascertain the identity of different people, devices, and services. Even if the information could be captured, the public key encryption scheme keeps the data in a meaningless form, unless the hacker has the private key. 22