The core of WhatsApp and Signal: Diffie-Hellman key exchange

RMAG news

Both WhatsApp and Signal are encrypted messaging applications, offering e2e encryption for their users. What this means is that all the communication is encrypted before it is sent to the server or through a public space, for example the internet. This means you don’t need to trust the server to keep your messages secure, as the server itself cannot even decrypt the communication.

Both WhatsApp and Signal use the open source Signal protocol to offer this service to their customers. The Signal protocol uses many different layers of encryption and a combination of symmetric and asymmetric encryption methods. But at the core of the protocol lies the Diffie-Hellman key exchange.

Disclaimer: This article aims to explain, from a high level, what the Diffie-Hellman key exchange is and the problems it solves. It is not an explanation of the underlying mathematics.

What is the issue we are trying to solve?

When it comes to encryption, we have two main methods: symmetric encryption and asymmetric encryption (aka public key encryption). Public key encryption uses a combination of a public and a private key, mostly to perform proof of origin, otherwise known as signing of data. Symmetric encryption, on the other hand, uses a single key to both encrypt and decrypt the data. This method is much more secure and efficient for data transfer overall.

So since symmetric encryption is far more secure, why don’t we just always use it? Well, there is one big issue… If I am sending an encrypted message with a given key, how do I securely get that key to the intended recipient of my message?

What are our options?

Well, the first thought may be to simply send the recipient the symmetric key over a secured channel, like a website or server you trust. But then the process is no longer e2e encrypted, because that server sees the key.

Another option would be to simply sign the symmetric key with your private key and then encrypt it with the recipient’s public key. That way only the recipient can decrypt it with their corresponding private key, and the recipient can verify who it came from with the sender’s public key.

This would ensure our message is e2e encrypted, but it forces the recipient to trust the sender to generate the key, and we are still sending sensitive data (the key itself) over the wire, where it could potentially be decrypted given enough time or luck.

Diffie-Hellman solves both of these issues!

How Diffie-Hellman works.

The beauty of Diffie-Hellman is that it allows both users to generate their own pair of public and private keys. Each user exchanges their public key with the other and combines the other user’s public key with their own private key to mathematically produce the same symmetric key.

The exchange of keys can be done over a totally insecure channel, as none of the data you are exchanging is sensitive. You could do this exchange over http on a website called hacker.ru if you wanted and there would be no issue.

Additionally, each user has to participate equally in the generation of the key, exchanging keys on both sides, making each party equally responsible. With Diffie-Hellman it takes two to tango!

Of course, it is best practice to sign the public keys you are exchanging if this is done over an insecure channel, so the recipient can ensure they are coming from who they think and verify the data was not tampered with.
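The exchange described above, worked through in code. This is an added example and not code from the article or from the Signal project: Alice and Bob each generate a key pair, exchange only the public halves, and each combines the other’s public value with their own private value. The group parameters are a constructed toy choice (a known prime and a small base) picked so the numbers stay readable; they are not a standardized group, and the salt and transcript labels are assumptions of this example. Real deployments use a 2048-bit or larger standardized group or an elliptic curve such as X25519.

```python
import hashlib
import hmac
import secrets

# Toy group (constructed for this example, not a standardized group): a known
# prime modulus (2^127 - 1) and a small base. Real systems use a 2048-bit+
# MODP group or an elliptic curve such as X25519, which the Signal protocol uses.
P = 2**127 - 1
G = 5
SECRET_BYTES = (P.bit_length() + 7) // 8   # 16 bytes for this modulus


def generate_keypair():
    """Each party picks a random private exponent and publishes G^private mod P.
    Only the public value ever leaves the machine."""
    private = secrets.randbelow(P - 2) + 1     # 1 <= private <= P - 2
    public = pow(G, private, P)
    return private, public


def shared_secret(my_private, their_public):
    """Combine the peer's public value with our own private exponent.
    (G^b)^a == (G^a)^b mod P, so both sides arrive at the same number
    without either private exponent crossing the wire."""
    if not 1 < their_public < P - 1:
        # Reject degenerate public values (0, 1, P-1) that would force
        # a trivial, attacker-chosen shared secret.
        raise ValueError("invalid peer public value")
    return pow(their_public, my_private, P)


def derive_key(secret, transcript):
    """Turn the raw shared secret into a symmetric key with a KDF.
    HMAC-SHA256 is used here in an extract-then-expand shape (the salt and
    info label are assumptions of this example); binding the transcript of
    exchanged public values makes a mismatched exchange yield different keys."""
    ikm = secret.to_bytes(SECRET_BYTES, "big")
    prk = hmac.new(b"dh-demo-salt", ikm, hashlib.sha256).digest()          # extract
    return hmac.new(prk, transcript + b"\x01", hashlib.sha256).digest()    # expand


def run_exchange():
    """Simulate Alice and Bob agreeing on a key over an open channel.
    Returns the two derived keys so the caller can confirm they match."""
    a_priv, a_pub = generate_keypair()
    b_priv, b_pub = generate_keypair()
    # Only a_pub and b_pub cross the wire; a_priv and b_priv stay with their owners.
    transcript = a_pub.to_bytes(SECRET_BYTES, "big") + b_pub.to_bytes(SECRET_BYTES, "big")
    alice_key = derive_key(shared_secret(a_priv, b_pub), transcript)
    bob_key = derive_key(shared_secret(b_priv, a_pub), transcript)
    return alice_key, bob_key


if __name__ == "__main__":
    alice_key, bob_key = run_exchange()
    print("keys match:", alice_key == bob_key)
    print("symmetric key:", alice_key.hex())
```

An eavesdropper sees both public values and the group parameters but neither private exponent, and with a properly sized group cannot recover the shared secret from what was exchanged. The check in `shared_secret` is the practical caveat the article’s signing advice hints at: public values still have to be validated, and in a real protocol they are also authenticated (signed) so an active attacker cannot swap in their own.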

The Signal Protocol, X3DH and KDF.

The Signal protocol is more complex than simply a Diffie-Hellman key exchange. Signal uses what they call Extended Triple Diffie-Hellman (X3DH), which is a modified version of the Diffie-Hellman key exchange. They also use a key derivation function (KDF) so that the generated symmetric key actually changes as you send more messages. This makes it so that if an attacker did obtain one of your keys, they could not decrypt your previous communications.
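The per-message key change described above, shown as code. This is an added example, not code from the article or the Signal project, modelled on the symmetric-key ratchet step in Signal’s Double Ratchet specification (HMAC over a constant byte gives the next chain key and the message key). The root key is a constructed input; in the real protocol it would come out of the X3DH agreement. The class and function names are this example’s own.

```python
import hashlib
import hmac


def kdf_chain(chain_key):
    """One symmetric-key ratchet step, modelled on Signal's Double Ratchet:
    HMAC-SHA256 over constant 0x02 yields the next chain key and over 0x01
    the message key. Both outputs are one-way functions of the input, so
    holding chain key n tells you nothing about chain key n-1."""
    next_chain_key = hmac.new(chain_key, b"\x02", hashlib.sha256).digest()
    message_key = hmac.new(chain_key, b"\x01", hashlib.sha256).digest()
    return next_chain_key, message_key


class SendingChain:
    """Per-conversation sender state. Only the current chain key is kept;
    every earlier chain key is overwritten as the chain advances."""

    def __init__(self, root_key):
        # In Signal the root key comes from the X3DH / Diffie-Hellman agreement.
        # Here it is whatever bytes the caller supplies (constructed input).
        self.chain_key = root_key
        self.index = 0

    def next_message_key(self):
        """Advance the chain and return (index, message_key).
        The previous chain key is discarded, so a later compromise of this
        object cannot reproduce keys for messages already sent."""
        self.chain_key, message_key = kdf_chain(self.chain_key)
        index = self.index
        self.index += 1
        return index, message_key


def derive_n_keys(root_key, n):
    """Receiver side: replay the chain from the same root to obtain the same
    n message keys the sender used, in order."""
    chain = SendingChain(root_key)
    return [chain.next_message_key()[1] for _ in range(n)]


def keys_reachable_from(chain_key, n):
    """What someone holding a captured chain key can compute: the next n
    message keys forward from that point, and nothing earlier."""
    keys = []
    for _ in range(n):
        chain_key, message_key = kdf_chain(chain_key)
        keys.append(message_key)
    return keys


if __name__ == "__main__":
    root = b"\x00" * 32   # constructed root key for the demo
    sender = SendingChain(root)
    for _ in range(3):
        idx, mk = sender.next_message_key()
        print(f"message {idx}: key {mk.hex()[:16]}...")
    print("state after 3 messages recovers earlier keys:",
          any(k in keys_reachable_from(sender.chain_key, 10)
              for k in derive_n_keys(root, 3)))
```

The design point is that the sender stores only the newest chain key. Because each step is an HMAC of the previous one, walking the chain is easy going forward and infeasible going backward, so a key captured today cannot be used to unlock the messages that came before it, which is exactly the property the article describes.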

As you can see, the Signal protocol is more complex than just a Diffie-Hellman key exchange, but Diffie-Hellman is at the core of the protocol, and at the core of almost all e2e encryption solutions around.