The WhatsApp messenger platform has launched Identification Proof Linked Storage (IPLS), a brand new privacy-preserving encrypted storage system designed for contact administration.
The brand new system solves two long-standing issues WhatsApp customers have been coping with for years, specifically the chance of dropping their contact lists in the event that they lose their telephone and the lack to sync contacts between completely different gadgets.
With IPLS, WhatsApp contact lists will now bind to the account relatively than the system, permitting customers to simply handle them between system modifications or replacements.
Moreover, IPLS makes it potential to keep up completely different contact lists for a number of accounts on the identical system, every securely managed and remoted from the remainder.
A safe, encrypted system
IPLS achieves safety via a mix of encryption, key transparency, and using {Hardware} Safety Modules (HSMs).
When a brand new contact is added, the title is encrypted utilizing a symmetric encryption key generated on the person’s system and saved in WhatsApp’s HSM-based tamper-resistant Key Vault.
When the person logs in on a brand new system, a safe session with the HSM-based Key Vault is established to retrieve the brand new contact by performing an authentication motion utilizing the cryptographic keypair linked to the person’s account (created upon registration).
IPLS ensures that each one contacts are encrypted end-to-end, that means that contact knowledge is encrypted on the person’s system and stays encrypted because it strikes via WhatsApp’s techniques, stopping interceptions at transit or entry from rogue Meta staff.
WhatsApp additionally companions with Cloudflare for impartial third-party auditing of its cryptographic operations, particularly, to behave as a guarantor of updates to the Auditable Key Listing (AKD), signing every epoch and validating it hasn’t been tampered with.
WhatsApp publishes auditable proofs of consistency for the important thing listing’s updates (transitions between epochs) to a publicly accessible Amazon S3 occasion, permitting customers, researchers, and auditors to independently confirm AKD’s integrity.
Earlier than IPLS and the underlying mechanisms had been even offered to the general public, WhatsApp contracted NCC Group to carry out a safety audit on the brand new system.
Essentially the most crucial discovery of that audit was a flaw that allowed impersonation of the Marvell HSMs and decryption of the customers’ secret key materials, probably exposing non-public contact metadata.
This downside, together with 12 flaws rated low to medium severity, had been addressed by WhatsApp in September 2024, so they are not current within the closing launch of IPLS.