WhatsApp network forensics

Thank you, great post and link!

Paste the following link into https://sci-hub.io/

http//www.sciencedirect.com/science/article/pii/S1742287615000985?via%3Dihub

(direct link fails)

Unfortunately this work predates the adoption of Open Whisper System's Signal Protocol end-to-end encryption by Whatsapp, so is of limited use today….

Unfortunately this work predates….

Yeah, fair point. I did include the provision in my comments

From a network investigators point of view essential information producing evidential artifacts of identifying network activity. Taking this further, PenTesters might even find this information useful, also. Even where security flaws get updated, doesn't stop modified attacks occurring creating further vulnerabilities; so learning is the name of the game.....http//trewmte.blogspot.co.uk/2017/06/whatsapp-network-forensics.html

I think this work can be put to good use for historical matters, training and as part of a forward learning curve; presumably Curve25519 ) idea ?

adoption of Open Whisper System's Signal Protocol end-to-end encryption by WhatsApp…

Already under attack. Interesting work on capturing the “ratcheting” key update structure. Although the "last resort key" made me smile. An the internal messaging attacks look promising and have produced some results. But a lot more work is need though.

Analysis of Signal Messaging Protocol

http//eprint.iacr.org/2016/1013.pdf

Analysis of Signal Messaging Protocol

http//eprint.iacr.org/2016/1013.pdf

Yes, got that research, good paper.

Try this

HUNTING FOR VULNERABILITIES IN SIGNAL - HITBSECCONF2017
April 10-14, 2017

https://conference.hitb.org/hitbsecconf2017ams/materials/D2T1%20-%20Markus%20Vervier%20-%20Hunting%20for%20Vulnerabilities%20in%20Signal.pdf