How Does WhatsApp Encryption Work?

You type "hey" on WhatsApp and hit send. Your friend's phone buzzes a second later. In between, the message crossed the internet and passed through WhatsApp's servers as a blob of scrambled bytes that nobody along the way could read.

This is end-to-end encryption. Every WhatsApp chat has had it since 2016¹.

So how does a message get from your phone to your friend's, through servers that only see gibberish?

Let's walk through it.

First, the obvious way

The normal way apps send your data is through HTTPS. Your phone sends the message. The trip to the server is encrypted. Nobody sniffing your wifi can read it. The message arrives. The server decrypts it, stores it, and later forwards it to your friend.

This is how Gmail works. How Instagram DMs used to work. The server is a middleman who can read everything but is trusted to behave.

The problem is obvious.

If the server gets hacked, the hacker reads your messages. If a government asks, the company hands them over. If a bored employee pokes around, they see whatever they want. Anyone with access to the server sees plain text.

WhatsApp decided this wasn't good enough.

Lock it before it leaves

The fix is end-to-end encryption.

Your phone scrambles the message before sending. WhatsApp's servers carry the scrambled blob across the internet. Your friend's phone unscrambles it when they open the chat. While the message is in transit, the servers only ever see nonsense.

Simple enough in principle. But it raises one question.

How does your friend get the key to unscramble it?

The key-sharing problem

If you send the key through WhatsApp's servers, the servers see it. Now they can unscramble the message themselves. We've achieved nothing.

If you meet your friend in person to hand them a key, sure. But nobody's flying across the country every time they want to start a WhatsApp chat.

So we need a way for two phones to agree on the same secret key without ever sending that key through the internet.

This sounds impossible. It isn't.

The paint trick

Here's the analogy that makes it click. Math people call it Diffie-Hellman, but paint is easier.

You and your friend publicly agree on a color. Say, yellow. Anyone listening knows it's yellow. WhatsApp knows. Strangers know. Doesn't matter.

Now you pick a second color in secret. Red. You mix yellow and red, get orange, and send the orange to your friend.

Your friend, separately, picks blue in secret. They mix yellow and blue, get green, and send the green to you.

Now the trick.

You take the green they sent and mix it with your secret red. You get some muddy color. Call it X.

Your friend takes the orange you sent and mixes it with their secret blue. They get the same X.

You both end up with the same color. But nobody watching can figure out what X is. To work it out, they'd need either your secret red or your friend's secret blue, and those never left anyone's phone.

Why does this work? Mixing paint is easy. Unmixing paint is basically impossible². You can stare at a bucket of orange forever and never work out which red and which yellow went into it.

Math has operations that behave exactly like this. Easy one way, brutally hard in reverse. That's the whole basis of modern cryptography.

That shared color X is your encryption key. Your phone uses it to scramble the message. Your friend's phone uses it to unscramble.

But your friend is offline

The paint trick needs both phones online at the same time. What if your friend's phone is off or dead?

Here's the fix. Their phone left a stack of numbered, locked boxes at WhatsApp in advance, and kept the keys at home.

Anyone can grab a box off the server and drop a message inside. Only your friend can open it.

So when you send "hey":

• Your phone grabs box #47, drops "hey" in, sends the locked box back.
• Your friend's phone wakes up, grabs key #47, and opens it.

The server only ever held boxes. The keys never left your friend's phone. This setup is called prekeys.

This whole setup has a formal name. X3DH, or Extended Triple Diffie-Hellman. Fancy name. Same idea.

The part that's actually wild

So far, you and your friend share one secret key. Plenty of encrypted apps stop here.

WhatsApp goes further. Every single message uses a different key.

Not one per chat. Not one per day. One per message.

This is called the Double Ratchet³. Every time a message is sent or received, both phones run the current key through a one-way function that produces a new key. The old one gets thrown away. Not archived, not backed up. Deleted.

Why does this matter?

Say someone steals your phone tomorrow and somehow extracts today's key. In a normal system, they could decrypt every message you've ever sent. With the Double Ratchet, today's key can't unlock yesterday's messages. The key that unlocked yesterday's messages was destroyed yesterday.

This property is called forward secrecy, and WhatsApp gives it to you for free every time you type.

That 'security code changed' message

Every so often, WhatsApp flashes a little yellow note in a chat. "Your security code with your friend has changed."

But it does mean something.

Every chat has a safety number, a fingerprint of the keys you and the other person are using. If that fingerprint changes, it usually means your friend got a new phone or reinstalled WhatsApp, so their phone made fresh keys.

In a much worse case, someone is trying to impersonate your friend. Pretending to be their phone, swapping in a fake set of keys that your phone would trust.

WhatsApp can't tell which case it is. All it can do is flag the change. If you're worried, call your friend and ask: "Did you reinstall?" If yes, fine. If no, something's off.

99% of the time, it's a reinstall. The mechanism is there for the 1%.

What the servers see during transit

While your message is flying between phones, here's everything WhatsApp's servers handle:

• Your phone number
• Your friend's phone number
• A timestamp
• A blob of scrambled bytes
• How big that blob is

That's it for content. The text, the photo, the voice note. None of it is readable to the servers. If a court orders WhatsApp to hand over that blob, they can. But it's still just scrambled bytes. Nobody can unscramble it without the keys, which live only on your phone and your friend's.

If it stopped there, this post would end on a big "your messages are safe" note.

It doesn't stop there.

Where the encryption ends

Encryption only protects the message during its trip. The moment it leaves your phone or arrives on your friend's, it's plain text again. And there are a few places where "plain text again" turns into "not private anymore."

So "end-to-end encrypted" is honest. It just isn't a blanket promise. The math protects the letter on its journey. It can't protect the letter once it's opened, and it can't protect the envelope.

Why this matters

Zoom back out. All the crypto fits in about a fifth of a second. The prekey fetch. The paint mixing. The ratchet step. The encryption. The send. The receive. The decrypt.

You typed one word. You hit send. Somewhere in that blink, two phones ran a cryptographic handshake that would have looked like magic a few decades back.

Now multiply that by 100 billion. That's how many WhatsApp messages go out every day. Every one of them gets its own key, its own ratchet step, its own scramble and unscramble.

The handshake works. It's one of the best pieces of cryptography we actually use.

Just know what it protects, and what it doesn't.

---

¹ April 5, 2016, to be exact. WhatsApp flipped the switch on end-to-end encryption for every chat, for every user, on the same day.

² The real math behind this is called the discrete logarithm problem. Nobody has figured out how to reverse it quickly, and modern cryptography basically bets the farm on that staying true.

³ The Double Ratchet came from the Signal Protocol, first used in the Signal app in 2013. WhatsApp adopted it three years later.

---

Written by Harshit Sharma. If you want to know when new posts are out, follow me on Twitter.