Javascript must be enabled to continue!

Chat-App Decryption Key Extraction Through Information Flow Analysis

Recent years have seen a pervasive usage of mobile-based instant messaging apps, which are popularly known as chat apps. On users' mobile devices, chat logs are usually stored encrypted. This paper is concerned with discovering the decryption key of chat-log database files as they are used by popular chat apps like WhatsApp and WeChat. We propose a systematic and generalized information-flow based approach to recovering the decryption key by taking advantage of both static and dynamic analyses. We show that, despite the employed code obfuscation techniques, we can perform the key discovery process on relevant code portions. Furthermore, to the best of our knowledge, we are the first to detail the employed string de-obfuscation, encrypted database file structure, and decryption-key formulation of the latest WhatsApp with crypt12 database. We also demonstrate how our key-extraction techniques can decrypt encrypted WhatsApp and WeChat database files that originate from a target device. Additionally, we show how we can construct a version of WhatsApp or WeChat that simulates the key generation processes of a remote target device, and recover the keys. Lastly, we analyze why our technique can work on widely-popular chat apps, and mention measures that can be adopted by chat-app developers to better protect the privacy of billions of their users.

IOS Press

Dai Zhongmin Sufatrio Chua Tong-Wei Balakrishnan Dinesh Kumar Thing Vrizlynn L.L.

Cryptology and Information Security Series

2025

Title: Chat-App Decryption Key Extraction Through Information Flow Analysis

Description:

Recent years have seen a pervasive usage of mobile-based instant messaging apps, which are popularly known as chat apps.

On users' mobile devices, chat logs are usually stored encrypted.

This paper is concerned with discovering the decryption key of chat-log database files as they are used by popular chat apps like WhatsApp and WeChat.

We propose a systematic and generalized information-flow based approach to recovering the decryption key by taking advantage of both static and dynamic analyses.

We show that, despite the employed code obfuscation techniques, we can perform the key discovery process on relevant code portions.

Furthermore, to the best of our knowledge, we are the first to detail the employed string de-obfuscation, encrypted database file structure, and decryption-key formulation of the latest WhatsApp with crypt12 database.

We also demonstrate how our key-extraction techniques can decrypt encrypted WhatsApp and WeChat database files that originate from a target device.

Additionally, we show how we can construct a version of WhatsApp or WeChat that simulates the key generation processes of a remote target device, and recover the keys.

Lastly, we analyze why our technique can work on widely-popular chat apps, and mention measures that can be adopted by chat-app developers to better protect the privacy of billions of their users.

Back

IntroductionLike other forms of embodiment, pregnancy has increasingly become subject to representation and interpretation via digital technologies. Pregnancy and the unborn entity...

Usability and User Experience of an mHealth App for Therapy Support of Patients With Breast Cancer: Mixed Methods Study Using Eye Tracking

Background Early identification of quality of life (QoL) loss and side effects is a key challenge in breast cancer therapy. Digital tools can be helpful components of t...

Usability and User Experience of an mHealth App for Therapy Support of Patients With Breast Cancer: Mixed Methods Study Using Eye Tracking (Preprint)

BACKGROUND Early identification of quality of life (QoL) loss and side effects is a key challenge in breast cancer therapy. Digital tools can be helpful com...

A Mobile App, KhunLook, to Support Thai Parents and Caregivers With Child Health Supervision: Development, Validation, and Acceptability Study (Preprint)

BACKGROUND In Thailand, children born in government hospitals receive a maternal and child health handbook (MCHH). However, when a new MCHH edition is relea...

Calcium Ionophore-Induced Tissue Factor (TF) Decryption Induces TF Immobilization Into Lipid Rafts and Negative Regulation of TF Procoagulant Activity.

Abstract Abstract 1131 Cell exposed tissue factor (TF), the physiologic initiator of blood coagulation, is normally expressed in a low procoagulant, o...

Effectiveness of self-management APP in different follow-up intervention among patients with chronic kidney disease: a retrospective cohort study with a 3-year follow-up (Preprint)

BACKGROUND The prevalence of CKD puts pressure on health systems providing care to patients and has led to an increase in mobile apps seeking to improve sel...

User Friendliness and Perioperative Guidance Benefits of a Cataract Surgery Education App: Randomized Controlled Trial

Background Cataract surgeries are among the most performed surgeries worldwide. A thorough patient education is essential to inform patients about the perioperative pro...

User Friendliness and Perioperative Guidance Benefits of a Cataract Surgery Education App: Randomized Controlled Trial (Preprint)

BACKGROUND Cataract surgeries are among the most performed surgeries worldwide. A thorough patient education is essential to inform patients about the perio...

Email:
Password:

Email:

Chat-App Decryption Key Extraction Through Information Flow Analysis

Related Results