WhatsUp, Jihadis? —

Intercepted WhatsApp messages led to Belgian terror arrests [Updated]

End-to-end encryption gaps in WhatsApp, message metadata may have left alleged jihadis exposed.

The FBI has been lobbying hard to get unfettered access to the messages passed by encrypted messaging services. But it apparently didn't need that level of access to WhatsApp messages sent between members of an alleged Chechen jihadist group operating in Belgium. According to a report by Bloomberg, a pair of men were arrested and warrants were issued for three others for allegedly preparing for a terrorist attack in Belgium.

The arrests followed raids in which 16 people were detained, which Belgian law enforcement officials said was the result of "working with U.S. authorities to monitor suspects’ communications on WhatsApp Inc.’s messaging service," Bloomberg's Gaspard Sebag reported.

The BBC reports that the men tied to the al-Nusra Front in Syria and the Islamic Caucasus Emirate. One man detained had recently returned to Belgium wounded in combat in Syria while fighting with al-Nusra. There were two groups raided—one in Ostend on Belgium's coast, and the other inland at Louvain. The Louvain group was said to be plotting a terrorist attack in Belgium. BBC also cited Belgian officials as saying WhatsApp messages intercepted by the US government were used to trace the group.

Ars reached out to WhatsApp and to Facebook, which completed its acquisition of WhatsApp in October. A spokesperson from Facebook declined to comment on the matter.

WhatsApp began providing end-to-end (E2E) encryption of its messages last November with the incorporation of security researcher Moxie Marlinspike's WhisperSystems encryption protocol TextSecure. In theory, if TextSecure were in use by the alleged terrorists, the content of their messages would have been very difficult to read; the TextSecure protocol continuously changes pairs of encryption keys with each new message. But it's uncertain that the messages were encrypted—particularly since E2E encryption is not supported by the Apple iOS version of WhatsApp, and group messages and images aren't supported by WhatsApp for Andriod yet.

Even if some of the messages remained protected by encryption, it's possible that the FBI or NSA gathered metadata at the server for the messages. That metadata could have been used to establish the connections between the suspects and the wounded jihadi, which would have allowed the US agencies or Belgian law enforcement to do more targeted surveillance.

In an article in German magazine C'T, editor Fabian A. Scherschel dove into the encryption scheme in WhatsApp and contended that it did not vary the key used to encrypt information in transit—instead, it used a key derived from the user's password and encryption code based on the RC4 algorithm for both inbound and outbound communication. The insinuation was that intercepted and collected messages could theoretically be broken much more easily since the key seeds could be more easily found because it reduced the number of possible keys. But in a response to the article posted to Reddit, Moxie Marlinspike said, "This article should be retitled 'Breaking News: WhatsApp E2E Deployment Process Exactly As Advertised.'  We announced a partnership, not a finished deployment. In the blog post announcing that partnership, we publicly outlined the WhatsApp E2E deployment process, and it describes exactly what has been 'discovered' here. As I said in the blog post, deploying across this many users (hundreds of millions) and this many platforms (seven, of which they checked two) takes time, and is being done incrementally. I also point out that we will be surfacing information in the UI once that is complete."

This article has been updated based on further reporting to include Moxie's response to the the C'T Magazine findings. The article also originally reported TextSecure did not support group messages and images; those features are supported in TextSecure as a separate application, and not in WhatsApp's implementation. 

Channel Ars Technica