TechEcho

<a href="https://news.ycombinator.com/item?id=11431108" rel="nofollow">https://news.ycombinator.com/item?id=11431108</a>

From what I can tell, the main difference between this and what Signal was using as of December is:- WhatsApp uses AES-256 instead of AES-128 (both are CBC mode)- WhatsApp uses HMAC-SHA-256 instead of HMAC-SHA-1I think everything else is the same. (I need to re-read the Signal Protocol specification later today to make sure.)

It's nice to see decent security turned into a product desired by the users! I wonder which big platform is going to adopt this next :)Is there any open-source Linux desktop implementation?

Do they use pinning for the Transport Layer? Apple seems to do that in their newer versions. Or is their some reason why they should not?

end-to-end encryption protocol haa?

<a href="https://news.ycombinator.com/item?id=11431108" rel="nofollow">https://news.ycombinator.com/item?id=11431108</a>

It's nice to see decent security turned into a product desired by the users! I wonder which big platform is going to adopt this next :)Is there any open-source Linux desktop implementation?

Do they use pinning for the Transport Layer? Apple seems to do that in their newer versions. Or is their some reason why they should not?

end-to-end encryption protocol haa?

WhatsApp Security Whitepaper [pdf]

5 comments

WhatsApp Security Whitepaper [pdf]

5 comments