Whether you’re sharing confidential information or swapping movie ideas with a friend, people are turning to private messaging apps that offer end-to-end encryption to protect the contents of their conversations.

When data is shared over the internet, it often traverses a series of networks to reach its destination. Apps such as WhatsApp, owned by social media giant Meta (formerly Facebook), provide a level of privacy that even challenges Government agencies from accessing encrypted conversations.

However, with the apps constantly changing their security and privacy policies, are the messages still safe from being decrypted?

Back in May 2021, disapproval by the online community with the changes to WhatsApp’s privacy policy for business entities using the platform, saw many users switch to other private messaging apps such as Signal and Telegram.

Cybersecurity expert, Dr Arash Shaghaghi from UNSW School of Computer Science and Engineering and UNSW Institute for Cyber Security, compares encryption to the likes of having a secret conversation between you and another person.

“To keep our information away from prying eyes, we rely on cryptographic algorithms to encrypt our data. Encryption involves converting human-readable plaintext into an encoded format and the data can only be read after it’s been decrypted,” he says.

“Encryption involves using a key to lock a message, while decryption is using a key to unlock a message.

“In theory, if an outsider observed an encrypted conversation, they could not make sense of it, and they will need the appropriate key to decrypt it.

“Interestingly, with some end-to-end encryption protocols, such as Signal, even if someone steals the encryption keys and taps over the connection, they cannot decrypt messages already sent. In crypto parlance, this is termed as forward secrecy.”

 

Excerpt from article by Cecilia Duong, read the full article here