Cryptography in simple language – How Whatsapp Encryption works Series 1

0
152
Whatsapp Facebook Phone Number Sharing Deal

So, you want to understand the complex encryption procedure incorporated by whatsapp that has sent governments around the world in frenzy. The magical wand which once waved will encrypt your messages in such a way that nobody except the authorised recipient can decipher not even whatsapp.

Mantra of cryptography – “INTERNET IS ALWAYS INSECURE

Have a look at following terms

Private Key cryptography
Public Key cryptography
Diffie-Hellman Protocol
Elliptical curve cryptography (ECC)
Curve 25519 key pair

I am leaving, understanding such complex concept isn’t my cup of tea. I am not a computer person you see !

If, that’s what you were thinking then this series of blogs is meant exactly for you. We must first understand actual Concept of Encryption and what it aims to achieve.

AliceBobAs of now, Forget everything and just read this simple story first.

Many years back, once upon a time there were two friends Alice and Bob.

They had a common enemy named Eve who was known to be evil, intelligent and shrewd.

Eve

Alice and Bob exchanged a lot of business information which shouldn’t be accessible to third person, else it might jeopardize their business.

So what options do they have !!

Since, they stayed in different villages and motorised vehicle wasn’t invented back then, daily exchange of information wasn’t feasible. So, they decided to walk down and meet up every Saturday, in person, to exchange information. The information was regarding the details of the new product they were going to launch in next few days.

RiderBut, They were busy guys, this “meeting in person” thing wasn’t working. So, they hired horse riders to deliver messages for them. But what if the riders reads the message or worse, gets captured by Eve.

To avoid this hassle. Alice and Bob decide to hold a secret meeting. There they agreed to scramble their information in such a way that it would look like gibberish to third person. They encrypted their information by replacing each alphabet with a corresponding number. For eg, 1 means A, 2 means B, 3 means C and so on.

This is just a simple example, actually a more complicated methodology was adopted by them for encryption. The basic concept remained the same, they basically replaced readable alphabets with something else. How this scrambling has been done was written in another notebook called private-key. This private key is a shared secret between the two parties that can be used to maintain a private information link.

Both Alice and Bob kept a copy of private key in their personal custody. There was no way Eve could access it (hopefully) !

Eve had gone on a  holiday to Hawai and the horse-rider successfully exchanged messages between Alice and Bob.

They didn’t need to meet up at all. Horse-rider will keep delivering messages and they can decrypt and read messages easily.

Bob feels, how smart he has been. Every Saturday he goes to local bar to enjoy his hot sausages and chilled beer. Life has never been so good for Bob until one day he finds out that his business information is being used by Eve.

Actually, Eve was stealing all encrypted messages from the horse-rider while he halted for taking rest. Eve was able to decrypt Alice & Bob’s encrypted message after working on it for 3 months. After all Bob is a human and yes there were people who were smarter than him. So, after 3 months of hard work, trying various permutation and combination Eve was able to figure out how encryption was done. Once he knew the encryption process, just by reversing the steps he was able to decrypt it. So now, Eve had a replica of private-key of Alice and Bob with him. He has been reading the encrypted messages merrily and enhancing his own business at the cost of Alice and Bob.

Alice sadBob sadAlice and Bob were devastated, their business was badly hit. It was time for some counter measures. Alice suggested to change the horse-riders with more loyal and efficient ones. However, Bob was not convinced that merely changing horse riders would solve their purpose.

They, then decided to change encrypting method and hence the private-key every month.

At first it looks like just a minor upgrade to the information security policy of Alice and Bob.

Well, it wasn’t a minor upgrade. Bob and Alice arrived at this formula after having many brain-storming sessions.

What I did not tell you was that Bob had served for 2 years in King’s Military Intelligence and had good terms with them. He was able to find out how Eve obtained his messages and how much time it took him to re-construct private-key for deciphering their messages.

What did they achieve ??

Now even if, horse-rider voluntarily / involuntarily handed encrypted messages to Eve. Eve could only decrypt messages of one month at max. Because Alice and Bob would change the private key every month.

But, wait a minute . . . .

Can Eve actually decrypt any of the messages and use it to his advantage?

The answer is no.

Here’s the master stroke of Alice and Bob.

Lets understand it with an example.

On 01 Jan  :   Alice and Bob change their private key.

On 02 Jan  :   Horse-riders delivers encrypted message to Alice and Bob.

On 03 Jan   :  Eve gets a copy of encrypted message, somehow.

Now, Eve starts to work on understanding the encryption method used so that he is able to decrypt it.

If you are as smart as Bob, you would remember that encryption method is so complex that it takes 03 months for Eve to break it.

So, On 03 Apr, Eve is able to break the encryption.

But,

On 01 Feb, 01 Mar and 01 Apr, Alice and Bob have already changed the private key. So, even though Eve has broken the encryption its of no use to him. He is able to decrypt messages sent in the month of January only in April. By then, the messages would have lost all its significance and is nothing more than a piece of Junk. ( Bob & Alice would have launched their product in market by then)

Alice and Bob happyProblem Solved. Alice and Bob lived happily ever after.

Welcome back to 21st century. Now Replace

Bob with – yourself
Alice with – your friend
Horse-rider with – your carrier service like whatsapp / gmail / yahoomail etc
Eve with – Attacker / Hackers waiting to exploit your personal information.

Bottom-line – No encryption method is fool-proof neither of Bob nor of whatsapp. But they achieve their purpose. They use encryption algorithms which are so strong that breaking it takes so much time that the message is rendered useless by then. For Bob’s encryption to break it took 3 months, with advancement in technology, for whatsapp it can take 3000 years.

And that’s the basic concept of encryption.

Oh, I forgot to mention. The Encryption method used by Alice and Bob is known as  Private-key Cryptography or symmetric-key cryptography in today’s world. AES and DES fall in this category.

Wondering what is Public Key Cryptography !!  Lets read another story here.