
End-To-End encryption with several recipients

Tags:

encryption

WhatsApp announced support for end-to-end encryption for normal conversations and group chats.

Assuming there is no shared private key and it's real end-to-end, then when I send a 10MB video to a group with 10 friends I have to encrypt it 10x and send it 10x? Otherwise it's not end-to-end for me, because the server must not be able to forward it.

Is that correct? Thanks

Aitch asked Apr 06 '16 07:04


1 Answer

WhatsApp has implemented a PKI (Public Key Infrastructure) in order to encrypt the messages. This means that the clients authenticate themselves using keys and that the servers only store the public key.

For more info about WhatsApp's security, check out the following whitepaper they released:

https://www.whatsapp.com/security/WhatsApp-Security-Whitepaper.pdf

Answer

The answer to your question is on page 7 of the whitepaper.

The first time a WhatsApp group member sends a message to a group:

  1. The sender generates a random 32-byte Chain Key.
  2. The sender generates a random Curve25519 Signature Key key pair.
  3. The sender combines the 32-byte Chain Key and the public key from the Signature Key into a Sender Key message.
  4. The sender individually encrypts the Sender Key to each member of the group, using the pairwise messaging protocol explained previously.

For all subsequent messages to the group:

  1. The sender derives a Message Key from the Chain Key, and updates the Chain Key.
  2. The sender encrypts the message using AES256 in CBC mode.
  3. The sender signs the ciphertext using the Signature Key.
  4. The sender transmits the single ciphertext message to the server, which does server-side fan-out to all group participants.

Felipe Sulser answered Nov 17 '22 01:11
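
The steps quoted above, as an added simulation (not part of the original answer and not WhatsApp's code): the 32-byte Chain Key is handed to each member once, after which every member derives the same Message Keys and the sender encrypts and uploads each payload a single time. Assumptions: the ratchet is HMAC-SHA256 with 0x01/0x02 labels as in Signal-style chains, a SHAKE-256 XOR keystream stands in for AES256-CBC, and the Signature Key, signing and the pairwise channel are not modelled.

```python
import hashlib
import hmac
import os

def ratchet(chain_key):
    """Return (message_key, next_chain_key); the 0x01/0x02 labels are assumed."""
    message_key = hmac.new(chain_key, b"\x01", hashlib.sha256).digest()
    next_chain_key = hmac.new(chain_key, b"\x02", hashlib.sha256).digest()
    return message_key, next_chain_key

def stand_in_cipher(key, data):
    """XOR with a SHAKE-256 keystream: a stdlib placeholder, NOT AES256-CBC."""
    stream = hashlib.shake_256(key).digest(len(data))
    mixed = int.from_bytes(data, "big") ^ int.from_bytes(stream, "big")
    return mixed.to_bytes(len(data), "big")

class Member:
    """A group member holding one chain key per sender."""
    def __init__(self):
        self.chains = {}

    def receive_sender_key(self, sender, chain_key):
        self.chains[sender] = chain_key

    def decrypt(self, sender, ciphertext):
        message_key, self.chains[sender] = ratchet(self.chains[sender])
        return stand_in_cipher(message_key, ciphertext)

def simulate(group_size=10, payload_len=1_000_000, messages=3):
    """Count sender-side bytes for the one-time key hand-off and for the media."""
    members = [Member() for _ in range(group_size)]
    chain_key = os.urandom(32)                 # first message, step 1
    pairwise_bytes = 0
    for member in members:                     # first message, step 4
        member.receive_sender_key("sender", chain_key)  # pairwise channel not modelled
        pairwise_bytes += len(chain_key)
    uploaded_bytes, all_decrypted = 0, True
    for _ in range(messages):                  # subsequent messages
        payload = os.urandom(payload_len)      # constructed stand-in for the video
        message_key, chain_key = ratchet(chain_key)
        ciphertext = stand_in_cipher(message_key, payload)  # encrypted once
        uploaded_bytes += len(ciphertext)      # uploaded once; the server fans out
        all_decrypted &= all(m.decrypt("sender", ciphertext) == payload for m in members)
    return {"pairwise_bytes": pairwise_bytes, "uploaded_bytes": uploaded_bytes,
            "all_decrypted": all_decrypted}

if __name__ == "__main__":
    print(simulate())
```

With the defaults, the per-member cost is 32 bytes of key material sent once, while each payload is uploaded once regardless of group size.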