The flow of adding new members to a WhatsApp group message is:
- A group member sends a non -signed message to the WhatsApp server who designates which users are group members, for example Alice, Bob and Charlie
- The server informs all existing group members that Alice, Bob and Charlie have been added
- The existing members have the opportunity to decide whether they should accept messages from Alice, Bob and Charlie, and whether messages exchanged with them should be encrypted
Without cryptographic signatures that verify an existing member that a new member wants to add, additions can be made by anyone with the possibility to control the server or messages that flow into it. With the help of the common fictional scenario for illustrating end-to-end coding, this lack of cryptographic certainty leaves the possibility that Malory can join a group and get access to the reports of people readable.
WhatsApp is not the only Messenger who misses cryptographic guarantees for new group members. In 2022, a team discovered with some of the same researchers who analyzed WhatsApp that Matrix – an open source and own platform for chat and cooperation customers and servers – also did not offer cryptographic means to ensure that only authorized members become members of a group. In the meantime, the Messenger Telegram does not offer end-to-end coding for group messages, making the app one of the weakest to guarantee the confidentiality of group messages.
The Open Source Signal Messenger, on the other hand, offers a cryptographic certainty that only an existing group member who is designated as a group manager can add new members. In an e -mail, researcher Benjamin Dowling, also from King's College, explained:
Signal implements 'cryptographic group management'. About this means that the manager of a group, a user, signs a message in the style of “Alice, Bob and Charley are in this group” for everyone. Subsequently, everyone else in the group makes their decision about who they should cod and to whom reports accept on the basis of these cryptographically signed messages, [meaning] Who to accept as a group member. The system used by signal is a bit different [than WhatsApp]since [Signal] Makes extra efforts to prevent the group membership from being unveiled to the server, but the core principles remain the same.
At a high level, in signal, groups are associated with group lists that are stored on the Signal Server. A group manager generates a groupmasterkey that is used to make changes to this group member of the group. In particular, the Groupmasterkey is sent via Signaal to other group members and is therefore unknown for the server. So if a manager wants to change a change in the group (for example, invite another user), he must create an updated membership list (verified with the GroupMasterkey) that tells other users of the group who should add. Existing users are informed of the change and update their group list and perform the correct cryptographic operations with the new member, so that the existing member can send messages to the new members as part of the group.
Most messages apps, including signal, do not certify the identity of their users. That means that there is no way to check whether the person who uses an account with the name Alice actually belongs to Alice. It is fully possible that Malory can create an account and call it Alice. (Aside, and in stark contrast to signal, the account members who belong to a certain WhatsApp group are visible to insiders, hackers and for everyone with a valid summons.)
