Whether you’re sharing confidential information or swapping movie ideas with a friend, people are turning to private messaging apps that offer end-to-end encryption to protect the contents of their conversations.
When data is shared over the internet, it often traverses a series of networks to reach its destination. Apps such as WhatsApp, owned by social media giant Meta (formerly Facebook), provide a level of privacy that even challenges Government agencies from accessing encrypted conversations.
However, with the apps constantly changing their security and privacy policies, are the messages still safe from being decrypted?
Cybersecurity expert, Dr Arash Shaghaghi from UNSW School of Computer Science and Engineering and UNSW Institute for Cyber Security, compares encryption to the likes of having a secret conversation between you and another person.
“To keep our information away from prying eyes, we rely on cryptographic algorithms to encrypt our data. Encryption involves converting human-readable plaintext into an encoded format and the data can only be read after it’s been decrypted,” he says.
“Encryption involves using a key to lock a message, while decryption is using a key to unlock a message.
“In theory, if an outsider observed an encrypted conversation, they could not make sense of it, and they will need the appropriate key to decrypt it.
“Interestingly, with some end-to-end encryption protocols, such as Signal, even if someone steals the encryption keys and taps over the connection, they cannot decrypt messages already sent. In crypto parlance, this is termed as forward secrecy.”
Are our messages fully secure?
Modern encryption algorithms have been battle-tested and shown to have no known vulnerabilities. While it doesn’t mean it’s impossible to crack, the process requires extensive processing powers and could take a significantly long time to do….