by H8crilA 1163 days ago
One thing I do not understand: how does web.whatsapp.com work even if my phone is turned off? The key must be somehow transported via Facebook servers to my PC.
7 comments

Each device has a key, the message is sent multiple times with different keys.

> WhatsApp multi-device uses a client-fanout approach, where the WhatsApp client sending the message encrypts and transmits it N number of times to N number of different devices — those in the sender and receiver’s device lists.

https://engineering.fb.com/2021/07/14/security/whatsapp-mult...

WhatsApp web generates a key which your phone signs and then senders encrypt messages for all those keys.

Presumably this means that the device knows how many devices it will be sent to.

If the private subkey is stored on their servers, then that means their servers are one of the "ends" in "end to end encryption", and they can read all your messages.

Like putting a screen door on a submarine.

It’s stored in a local session on your computer. You won’t be able to start a new session.

So no, not their servers.

Same way as how Signal desktop works with the phone being turned off.

As another commenter noted, they just generate another key and when someone sends you a message they have to encrypt the same message twice (one for each key).

Signal exchanges keys in the QR code. It's not that you generate a random new key and people just start encrypting for that key without verification.

(I don't use WhatsApp so I don't know if they do the same.)

Is this a thing now? Never used to work for me, always got an error about needing my phone to be on.

Yes, this is part of their multi-device support, which was in beta at the end of 2021 and then rolled out to everyone some time later.

https://www.makeuseof.com/use-whatsapp-multiple-devices/

Read https://en.wikipedia.org/wiki/OMEMO I'm guessing it's built on the same idea.

Good question. Have you confirmed it works when your phone is off? I haven't tried.

Just tested myself and you're right. Seems like very bad behavior. Someone with temporary access to your phone could set up whatsapp-web to transfer the key to a PC they control, then remove whatsapp web so there's no longer any devices listed in "linked devices," and still maintain a copy of the key. Doesn't seem like doing this forces any change in device keys.

edit: Maybe I'm missing something in how the web device is provisioned (maybe treating it like a group chat with multiple keys?), but I don't see how it could decrypt messages intended for my phone without just getting a copy of the key

It’s not a copy of the key, it’s a separate key

If it is a different key, wouldn't there be a "keys have changed" notification in my friend's chat window when I add a new whatsapp-web login? If the keys haven't changed whatsapp-web must be capable of decryption of messages meant for my device, no?

edit: Is there documentation somewhere? Makes no sense to me that my friend is encrypting with the same public key (before, during, and after whatsapp-web is provisioned), but somehow it is decrypted on a new device with a different key

Your primary key vouches for that secondary key. Therefore, the “keys have changed” dialog doesn’t pop up because the new key’s legitimacy is verified.

AH, I see. Found it described pg 5-9 here too https://www.whatsapp.com/security/WhatsApp-Security-Whitepap...
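
The idea the thread converges on (each linked device holds its own key, the primary identity key signs it, and the sender encrypts one copy per signed device), as an added example that is not part of the thread and is not WhatsApp's code. It is a simplified model: Ed25519, X25519, HKDF and AES-256-GCM are assumed stand-ins for the real protocol, and every function name is hypothetical.

```javascript
// Simplified model, not WhatsApp's wire protocol. All names are hypothetical.
const { generateKeyPairSync, sign, verify, diffieHellman, hkdfSync,
  createCipheriv, createDecipheriv, randomBytes } = require('node:crypto');

// Bytes the identity key signs for a device: its id plus its public key.
const signedBytes = (id, pub) =>
  Buffer.concat([Buffer.from(id), pub.export({ type: 'spki', format: 'der' })]);

// Each device generates its own X25519 pair; the private key stays on it.
const newDevice = (id) => ({ id, ...generateKeyPairSync('x25519') });

// The primary device vouches for a device key with the account identity key.
const vouch = (identityPriv, dev) => ({ id: dev.id, publicKey: dev.publicKey,
  sig: sign(null, signedBytes(dev.id, dev.publicKey), identityPriv) });

const deriveKey = (priv, pub) => Buffer.from(hkdfSync('sha256',
  diffieHellman({ privateKey: priv, publicKey: pub }), Buffer.alloc(0), 'fanout-demo', 32));

// Sender: skip entries the identity key did not sign, encrypt once per device.
function fanout(identityPub, deviceList, plaintext) {
  const out = {};
  for (const d of deviceList) {
    if (!verify(null, signedBytes(d.id, d.publicKey), identityPub, d.sig)) continue;
    const eph = generateKeyPairSync('x25519'), iv = randomBytes(12);
    const c = createCipheriv('aes-256-gcm', deriveKey(eph.privateKey, d.publicKey), iv);
    const ct = Buffer.concat([c.update(plaintext, 'utf8'), c.final()]);
    out[d.id] = { ephPub: eph.publicKey, iv, ct, tag: c.getAuthTag() };
  }
  return out;
}

function openEnvelope(dev, env) {
  const d = createDecipheriv('aes-256-gcm', deriveKey(dev.privateKey, env.ephPub), env.iv);
  d.setAuthTag(env.tag);
  return Buffer.concat([d.update(env.ct), d.final()]).toString('utf8');
}

// Constructed scenario: phone and web are vouched for, "rogue" is signed by another key.
function demo() {
  const identity = generateKeyPairSync('ed25519'), other = generateKeyPairSync('ed25519');
  const phone = newDevice('phone'), web = newDevice('web'), rogue = newDevice('rogue');
  const list = [vouch(identity.privateKey, phone), vouch(identity.privateKey, web),
    vouch(other.privateKey, rogue)];
  const envs = fanout(identity.publicKey, list, 'hello');
  return { recipients: Object.keys(envs).sort(), phone: openEnvelope(phone, envs.phone),
    web: openEnvelope(web, envs.web) };
}
```

In this model a device key that the identity key did not sign never receives a copy, and an envelope addressed to one device fails authentication on another.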