These security measures provide protection against brute-force attempts to retrieve the key. The HSM-based Backup Key Vault will be responsible for enforcing password verification attempts and rendering the key permanently inaccessible after a limited number of unsuccessful attempts to access it. When the account owner needs access to their backup, they can access it with their encryption key, or they can use their personal password to retrieve their encryption key from the HSM-based Backup Key Vault and decrypt their backup. When someone opts for a password, the key is stored in a Backup Key Vault that is built based on a component called a hardware security module (HSM) - specialized, secure hardware that can be used to securely store encryption keys. People can choose to secure the key manually or with a user password. With E2EE backups enabled, backups will be encrypted with a unique, randomly generated encryption key. To enable E2EE backups, we developed an entirely new system for encryption key storage that works with both iOS and Android. How E2EE backups work Generating encryption keys and passwords WhatsApp does not have access to these backups, and they are secured by the individual cloud-based storage services.īut now, if people choose to enable end-to-end encrypted (E2EE) backups once available, neither WhatsApp nor the backup service provider will be able to access their backup or their backup encryption key. People can already back up their WhatsApp message history via cloud-based services like Google Drive and iCloud. Now, we’re planning to give people the option to protect their WhatsApp backups using end-to-end encryption as well. For years, in order to safeguard the privacy of people’s messages, WhatsApp has provided end-to-end encryption by default so messages can be seen only by the sender and recipient, and no one in between.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |