WhatsApp will provide end-to-end encryption for cloud-based service backups, too

WhatsApp announced they are giving people the option to protect their message backups, via cloud-based services like Google Drive and iCloud, using end-to-end encryption. Currently, WhatsApp has provided end-to-end encryption by default ​​so messages “can be seen only by the sender and recipient, and no one in between”. 

If you’ve been backing up your WhatsApp messages to your Google Drive, these backups can be accessed by Google and its employees. As for Apple, while the company says that they can’t access the information in your iCloud, there’s a report that says Apple has “the right to conduct extensive employee surveillance”.

With WhatsApp’s upcoming feature, users can choose to enable end-to-end encrypted backups so that neither WhatsApp nor the backup service provider would be able to access their data. Each backup a user makes to their cloud-based account will be “encrypted with a randomly generated encryption key” that can be saved locally by the user or secured with a password.

To enable end to end encrypted backups, users will be able to choose between securing the key manually or with a user password. If they choose to type in the full 64-digit encryption key, backups will be encrypted with a unique, randomly generated encryption key. If they user needs to access the backup, they can access it with their encryption key.

When someone opts for the password method, they will create a password, while an encryption key is generated. The key is then stored in a “Backup Key Vault”—specialised to securely store encryption keys. The backup is then uploaded the their chosen cloud-based system. Users can use their personal password to retrieve their encryption key from the Backup Key Vault.

WhatsApp’s end-to-end encrypted backups will be available on iOS and Android “in the coming weeks”. WhatsApp is also rolling out its Multi-Device feature which allows you to use WhatsApp on other devices without keeping your phone online.

Previously, we reported that WhatsApp is still able to see the end-to-end encryption messages if the messages are reported. They are also “not afraid of sharing metadata with law enforcement”, as recently they submitted proof that a government official was talking to a reporter at BuzzFeed, ultimately resulting in a 6 month prison sentence.

[ SOURCE, 2 ]