Belgian law enforcement exploited end-to-end encryption gaps in WhatsApp to intercept messages exchanged between members of a Chechen jihadist group.

According to a report published by Bloomberg, two men were arrested and warrants were issued for other three suspects that were allegedly preparing a terrorist attack in Belgium. The interesting part of the news is that law enforcement exploited end-to-end encryption gaps in WhatsApp to intercept WhatsApp messages exchanged between members of a Chechen jihadist group operating in Belgium. The cell tied to the al-Nusra Front in Syria and the Islamic Caucasus Emirate, one of the suspects detained had recently returned to Belgium after being injured in a fight in Syria.

According to Gaspard Sebag from Bloomberg, the European law enforcement in a joint effort with the FBI are monitoring the use of the popular messaging platform WhatsApp.

“Investigators said earlier they had detained 16 people in the anti-terror raids after working with U.S. authorities to monitor suspects’ communications on WhatsApp Inc.’s messaging service.”  states Sebag.

The Belgian law enforcement raided two separate groups operating in Ostend and Louvain, and according various sources the messages exchanged on WhatsApp allowed the investigators to trace the group.

At the time I’m writing, Facebook who acquired WhatsApp, declined to comment the events, but security experts speculate that there is something wrong in the implementation of WhatsApp end-to-end (E2E) encryption started in November.

The new feature was added after the incorporation of the encryption protocol TextSecure designed by the popular security researcher Moxie Marlinspike and developed by the WhisperSystems.

TextSecure is a free Android mobile app developed by Open WhisperSystems, its code is open-source and it implements end-to-end encryption to protect text messages sent by the users. The TextSecure app was downloaded by nearly 500,000 users from the official Google’s Play Store. A Research team from Ruhr University Bochum has conducted an audit on TextSecure app discovering that the mobile app is open to an Unknown Key-Share attack.

TextSecure is considered one of most efficient text messaging application for mobile devices and its popularity increased after the Facebook bought WhatsApp, due to the fear of users that Intelligence agencies could have imposed to the company to give them the access to the servers.

In November 2014, a group of researchers that audited the popular TextSecure Private Messenger app discovered that it was vulnerable to Unknown Key-Share attacks.

“Since Facebook bought WhatsApp, instant messaging apps with security guarantees became more and more popular,” “We are the first to completely and precisely document and analyze TEXTSECURE’s secure push messaging protocol” states the author of the audit in a paper titled, “How Secure is TextSecure?“.

The research team explained a complete and precise document and analyze of TextSecure’s secure push messaging protocol. According to the group of expert, TextSecure works on a the cryptographic protocol that is implemented in the CYANOGENMOD firmware, and the researchers discovered a way compromise it with a an Unknown Key-Share Attack (UKS) against the protocol.

Now security experts explained that TextSecure is probably used by terrorist groups, but it’s uncertain that the end-to-end encryption works on Apple iOS devices, they also explained that group messages and images are still not supported by WhatsApp for Android.

It seems that even is the messages are protected by the encryption implemented, the FBI or NSA are able to gather metadata on the server side that could be used to link WhatsApp users. The analysis of metadata allowed law enforcement to identify the network of the alleged suspects.

According to the editor Fabian A. Scherschel, authorities are able to intercept and collect messages that could be decrypted since the key seeds could be more easily guessed reduced the number of possible keys.

“As other researchers have documented, WhatsApp uses a proprietary encryption in transit that is based on the problematic RC4 algorithm. This means it can be successfully attacked as RC4 has to be considered broken. In addition to this, the app seems to use the same key – derived from a user password – for both incoming and outgoing communication which enlarges the attack surface further. This means that while the encryption in transit can in principle be broken, it prevents mass data collection, say on Internet backbones.” said Scherschel.

w1

Moxie Marlinspike responded to Scherschel via Reddit:

“This article should be retitled ‘Breaking News: WhatsApp E2E Deployment Process Exactly As Advertised.’  We announced a partnership, not a finished deployment. In the blog post announcing that partnership, we publicly outlined the WhatsApp E2E deployment process, and it describes exactly what has been ‘discovered’ here. As I said in the blog post, deploying across this many users (hundreds of millions) and this many platforms (seven, of which they checked two) takes time, and is being done incrementally. I also point out that we will be surfacing information in the UI once that is complete.”

Let’s wait for a Facebook’s comment.

Pierluigi Paganini