This is the second blog in the series “Understanding How whatsapp Encryption works”. If you have read my first blog of the series, you would remember that “INTERNET IS ALWAYS INSECURE” and
“No encryption method is fool-proof neither of Bob nor of whatsapp. But they achieve their purpose. They use encryption algorithms which are so strong that breaking it takes so much time that the message is rendered useless by then. For Bob’s encryption to break it took 3 months, with advancement in technology, for whatsapp it can take 3000 years.”
Now that you have understood the actual concept of encryption. Its time to move ahead, and know little bit more about encryption and cryptography.
If I recall correctly, Last time Alice and bob decided to replace their alphabets in their message with something else known only to them through the private keys. This is just one way of encryption.
Alternatively they could have met and bought a lock with two keys, one for each. Then Alice can put message inside a box, lock it and send it through horse-rider to Bob. Similarly Bob could also send messages locked in box to Alice. Here the shared secret is the key, for which Bob and Alice must meet atleast once physically. This method also falls in the category of Private-key cryptography only since it involves a shared secret key.
Let’s take our story forward. Alice had to move to another town to expand her business. Now She will not be able to meet Bob to buy locks with two keys together. They needed a another system now. Private-key Cryptography isn’t solving the purpose.
Alice goes to market, buys a padlock and marks it padlock-A.
She Keeps one key with herself and destroys the spare ones.
She unlocks the Padlock-A using her key, then sends the lock to Bob through her horse-rider.
Bob receives padlock-A in unlocked condition.
He puts his message inside a box locks it just by pressing the padlock and hands over the box to the rider.
Alice receives the box opens it with her key and reads the message. But, This is only one way communication. What if, Alice had to send something to Bob.
Similar to Alice. Now, Bob also buys a padlock-B and sends it in unlocked condition to Alice through his horse rider.
Now they can exchange messages without having the need to meet physically to share some secret key.
This methodology of Alice and Bob came to be known as Public-key Cryptography.
Public-key Cryptography involves two components :-
- Public-key : Padlock of Alice is her Public-key. Because it can be handed over to anyone from whom, she wishes to receive messages securely.
- Private-key : Key of padlock is her Private-key. It’s a private entity and shouldn’t be handed over to anyone.
With advancement in technology, both public and private keys have been replaced by digital keys (few lines of codes). It is now possible to release our public keys to everyone, while we keep our private keys safe. Anyone on internet can send us messages over the internet (insecure channel) after locking it with our public key. Upon receipt we can decrypt the message using our private key.
Want to know Diffie-Hellman ! Watch out for the third blog in the Series How Whatsapp Encryption Works.