WhatsApp is feeling down.
The multi-platform instant-messaging app for smartphones isn't as secure as it's supposed to be, according to an analysis published by a Dutch computer-science student.
WhatsApp uses a stream cipher, a sort of random number generator, to generate a long, random key with which to encrypt a conversation.
The problem is that WhatsApp uses the same key for all incoming and outgoing messages in a single conversation.
So if snoops were able to capture the encrypted data from that conversation, they could just compare the incoming and outgoing messages, and as long as they knew (or could guess) some part of one of the messages, they could cancel out the mathematical similarities — i.e. the encryption key — between the two.
That would give them the unencrypted text of both sides of the conversation.
This technique works because stream ciphers are all about random numbers — and if you use the same number more than once, it's no longer random.
Instead, the number becomes a pattern, and relatively basic math will find the pattern and crack WhatsApp's encryption implementation wide open.
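The key-reuse problem described above, as an added example (not code from this article or from Alkemade's analysis). The keystream generator is a SHA-256 counter-mode stand-in, not WhatsApp's actual cipher, and the session key, messages and `direction_key` helper are constructed for illustration. It shows the shared keystream cancelling out when the two ciphertexts are XORed, and an independent key per direction removing that cancellation.

```python
import hashlib
import hmac

def keystream(key: bytes, n: int) -> bytes:
    """Stand-in stream cipher: SHA-256 in counter mode (assumption, not WhatsApp's cipher)."""
    out, counter = b"", 0
    while len(out) < n:
        out += hashlib.sha256(key + counter.to_bytes(8, "big")).digest()
        counter += 1
    return out[:n]

def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))

def encrypt(key: bytes, msg: bytes) -> bytes:
    # Stream encryption: plaintext XOR keystream (decryption is the same operation).
    return xor(msg, keystream(key, len(msg)))

def direction_key(session_key: bytes, direction: bytes) -> bytes:
    """Hypothetical mitigation helper: derive an independent key for each direction."""
    return hmac.new(session_key, direction, hashlib.sha256).digest()

def cancel_keystream(c_known: bytes, c_other: bytes, known_plain: bytes) -> bytes:
    # (p1 ^ k) ^ (p2 ^ k) == p1 ^ p2, so XORing in a known p1 leaves p2.
    # This only holds when both ciphertexts used the same keystream k.
    return xor(xor(c_known, c_other), known_plain)

# Constructed sample conversation (both messages are 33 bytes long).
SESSION_KEY = b"constructed-session-key"
OUTGOING = b"Hello, are we still on for lunch?"
INCOMING = b"Yes, meet me at noon by the gate."

def demo():
    # Flawed design: one key, hence one keystream, for both directions.
    c_out = encrypt(SESSION_KEY, OUTGOING)
    c_in = encrypt(SESSION_KEY, INCOMING)
    shared = cancel_keystream(c_out, c_in, OUTGOING)
    # Corrected design: a separate derived key for each direction.
    c_out2 = encrypt(direction_key(SESSION_KEY, b"client->server"), OUTGOING)
    c_in2 = encrypt(direction_key(SESSION_KEY, b"server->client"), INCOMING)
    separate = cancel_keystream(c_out2, c_in2, OUTGOING)
    return shared, separate

if __name__ == "__main__":
    shared, separate = demo()
    print("shared key        :", shared)    # readable incoming message
    print("per-direction keys:", separate)  # unreadable bytes
```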
The vulnerability was discovered by Thijs Alkemade, a graduate student in mathematics and computer science at Utrecht University in the Netherlands, who wrote up his analysis on his blog.
WhatsApp disputed Alkemade's findings.
"Stating that all conversations should be considered compromised is inaccurate," wrote WhatsApp's CEO, Jan Koum, in an email to the tech blog Ars Technica. "Basically, this is sensationalized and overblown. Please report responsibly and do research that goes beyond Twitter-sphere. We have a company to run."
Others disagree with Koum's assessment. Several security experts unaffiliated with Alkemade have reviewed the student's work and found it to be credible.
According to Thomas Ptacek of Chicago-based Matasano Security, the same bug occurred in the Point-to-Point Tunneling Protocol, which was developed by Microsoft in the 1990s.
"It's an extremely bad flaw that lots of people know how to exploit," Ptacek tweeted.
Alkemade suggested in his analysis that WhatsApp could easily fix the problem by switching to a security protocol called Transport Layer Security, a tried-and-true method of encrypting information in transit that is used on much of the Internet.
As Naked Security blogger Paul Ducklin put it, "Why reinvent a square wheel when there's a well-known and well-studied round one you can roll out instead?"