ANALYZING ENCRYPTION FEATURES OF WHATSAPP

ANALYZING ENCRYPTION FEATURES OF WHATSAPP

Read the WhatsApp Encryption Overview whitepaper (https://www.whatsapp.com/security/ ? in-depth technical explanation) and then use resources from the web to explain
in plain language how WhatsApp ensures end-to-end encryption and user verification. Please include a List of references (cited in your report). Do include figures
(your own – do not copy and paste). Specifically,
1. Prepare a report on the overall encryption scheme employed by WhatsApp
a. Does WhatsApp authenticate (verify) the user? What is two-factor authentication? (see http://www.makeuseof.com/tag/enable-two-step-verification-whatsapp/)
b. What is a IdentityKey pair? Where is it employed?
c. What type of security technology is used for distributing the user’s public key?
d. What protection does a(n) digital (electronic) signature provide? Does WhatsApp use digital signatures? What is a signed Prekey?
e. What is a one time key? How is it replenished? Why and when is it used?
f. What is Session Key? What is a Rootkey? What is a Chain key? What is a message key? How and when are these 3 types of session keys used by WhatsApp?
g. How and when are these keys used for session initiation, receiving a session setup and exchanging messages?
h. Why should the WhatsApp user protect her/his session key from being used by imposter? What strategies does WhatsApp use so that only the authorized user access
her/his session keys?
i. How can a WhatsApp user know that the public key(s) of another user is(are) genuine?

2. Security is always a major concern, especially with the wireless network being implemented. What measures have been taken by WhatsApp to increase the level of
security on the wireless network?
a. What type on encryption does WhatsApp employ to ensure message confidentiality in wireless devices? What protection does confidentiality provide? How many keys
are used in the encryption methods used by WhatsApp? Are the keys employed by WhatsApp considered strong? How often are the different types of keys changed by the
user’s device when using WhatsApp?
b. What scheme does WhatsApp employ for key management? Explain the architecture used for authentication and key management (with diagram and explanations).

 

find the cost of your paper