 An end-to-end encryption on backups means that media and messages, stored on either Google Drive or iCloud will now be encrypted with a unique and completely random encryption key.
An end-to-end encryption on backups means that media and messages, stored on either Google Drive or iCloud will now be encrypted with a unique and completely random encryption key.In what could lead to possible pushback from security agencies and governments across the world, global instant messaging giant WhatsApp said on Friday it will start offering end-to-end encryption on backup of messages.
In a series of tweets, WhatsApp global chief executive officer (CEO) Will Cathcart, while announcing the launch, said the company had been working on the product for some time now.
“This has been years in the making. We’re taking advantage of developments in hardware storage to safely store your backup encryption key in a vault no one else can access. We’re providing options to remember a 64-bit key or choose a password we do not know and cannot access. Neither can Apple or Google,” Cathcart said on Twitter.
WhatsApp currently provides Android phone users the option to backup their chats either on Google Drive or some other storage of their choice, while for iPhone users it provides the same option on iCloud. The company, however, makes it explicitly clear that the media and messages that users backup in iCloud or Google Drive are not protected by WhatsApp’s end-to-end encryption.
Defending the launch of the new service, which is likely to make it difficult for security agencies to request access to the backup of the chats, Cathcart said that everyone, including people, experts and the industry must push for more security since devices have become extremely important in people’s lives.
“Some governments continue to suggest using their powers to require companies to offer weaker security. We think that’s backwards: we should demand more security from companies for people’s sensitive information, not less,” he said.
An end-to-end encryption on backups means that media and messages, stored on either Google Drive or iCloud will now be encrypted with a unique and completely random encryption key. Users can also opt to have a password, the company said.
“To enable E2EE (end-to-end encryption) backups, we developed an entirely new system for encryption key storage that works with both iOS and Android. When someone opts for a password, the key is stored in a Backup Key Vault that is built based on a component called a hardware security module (HSM)—specialised, secure hardware that can be used to securely store encryption keys”, Facebook, which owns WhatsApp, said in a blog post.
India is one of the largest markets for WhatsApp with more than 53 crore users. Under the new IT Rules, the government has mandated that companies specifically in the business of instant messaging must enable a provision to trace the first originator of the message on the platform.
On May 25 this year,which was the last day to comply with the new social media and intermediary guidelines, WhatsApp had approached the Delhi High Court with a plea challenging the provision of tracing the first originator of the message. In its plea, WhatsApp said that this would require it to break its “end-to-end” encryption on its platform, which would in turn infringe upon the fundamental right to privacy of users.
The Ministry of Electronics and Information Technology, however, had said that WhatsApp’s move to legally challenge the provision of tracking the first originator of a message is an “unfortunate attempt” and “a clear act of defiance of a measure whose intent can certainly not be doubted”.




