Following on from this post WhatsApp network forensics 2017/06/whatsapp-network-forensics.html you may know WhatsApp changed the protocol to 'Open Whisper System's Signal Protocol end-to-end encryption'. A useful analysis of "Signal" can be found here regarding capturing the “ratcheting” key update structure:
A Formal Security Analysis of the Signal Messaging Protocol
https://eprint.iacr.org/2016/1013.pdf.
Vulnerability attacks have already started to determine Signal weaknesses. The "last resort key" looks interesting as does internal messaging attacks that have produced some results:
HUNTING FOR VULNERABILITIES IN SIGNAL - HITBSECCONF2017
https://conference.hitb.org/hitbsecconf2017ams/materials/D2T1%20-%20Markus%20Vervier%20-%20Hunting%20for%20Vulnerabilities%20in%20Signal.pdf
WhatsApp network forensics: Decrypting and understanding the WhatsApp call signaling messages
https://sci-hub.io/
http://www.sciencedirect.com/science/article/pii/S1742287615000985?via%3Dihub
No comments:
Post a Comment