WeChat guide
  • What is end-to-end encryption?
  • End-to-end encryption is a method to encrypt data in the source node and to decrypt data in the destination node. The security of data won't be affected by the intermediate node.
  • PriKey which is generated by the client will be used to encrypt all data sent with BAT. It can't be decrypted by any third party include the developer.
  • How does BAT ensure security?
  •  Tunnel Encryption
  •  Content Encryption
  •  Server Database Security
  •  Keys Security
  • More details about BAT's encryption algorithms
  • A. Tunnel encryption
  • What encryption algorithms does Bat use?
  • RSA, ECDHE, AES256_CBC, SHA256, SHA1 used in tunnel encryption.
  • Steps:
  • 1.The client and server generate a nonce respectively.
  • 2.The server sends its nonce to the client.
  • 3.The client will encrypt its nonce by RSA and send it to the server.
  • 4.The server will decrypt the client's nonce by RSA, which can prevent man-in-the-middle attacks.
  • 5.The client's nonce adds the server's will generate TempKey and TempIV (the client and server have the same TempKey and TempIV)
  • 6.The client and server will generate their PriKey and PubKey pair respectively by ECDHE.
  • 7.The client will encrypt its ECDHE PubKey by TempKey and TempIV, then send it to the server.
  • 8.The server will decrypt the ECDHE PubKey sent from the client.
  • 9.The server will encrypt its ECDHE PubKey by TempKey and TempIV. And RSA will create a digital signature on it. The ECDHE PubKey and the RSA digital signature will be sent to the client.
  • 10.The server will generate ShareKey by ECDHE, the client's ECDHE PubKey and the server's ECDHE PriKey.
  • 11.The client will decrypt the ECDHE PubKey and authenticate the digital signature sent from the server. ShareKey will be generated by the client's ECDHE PriKey and the server's ECDHE PubKey.
  • 12.The server will initialize each parameter and send them to the client.The parameters include:
  •  AuthKeyID: It's a random client temperature identifier generated by the server.
  •  MsgKey:MsgKey will be generated after Sha256 encrypt the data which consists of ShareKey, AuthkeyID, MsgID, SessionID, Salt, SeqNo and real message content.The function of MsgKey:
  • a. To prevent data tampering

  • b. By working with ShareKey, aes256 key, IV can be generated, which can encrypt each message.
  •  MsgID: They can be messages and ID related to time. It can prevent replay attacks and deduplicate data.
  •  SessionID: It is a piece of data that is used in network communication. A session ID is typically granted to a visitor on their first visit to a site.
  •   Salt: In cryptography, a salt is random data that is used as an additional input to an one-way function that "hashes" data, a password or passphrase.  Salts are used to safeguard passwords in storage.
  •  SeqNo: To prevent replay attack.
  • 13.Each message has a different MsgID, SessionID, Salt, SeqNo and different message content. These data will cause a different MsgKey for each message each time. The changing MsgKey and ShareKey work together will generate a 32 bytes PriKey and IV for each message.
  • 14.Key agreement would be processed again if ShareKey expired
  • B. Content encryption's details
  • Content encryption use the similar algorithms:
  • 1.ECDHE PubKey and PriKey pair is generated and saved in the client.
  • 2.PubKey will be sent to the server, and PriKey will be saved in the client.
  • 3.When users sign in, they will receive all contact's message include their PubKey.
  • 4.Send and receive messages will use ShareKey which is generated by user's PriKey and the opponent's PubKey.
  • 5.Aes 256 PriKey will be generated by ShareKey for encryption and decryption.
  • C. Database server security
  • Database on the server can prevent man-made tampering.
  • 1.There is a signature field in database.
  • 2.ECDSA PubKey and PriKey pair is generated in database.
  • 3.The server will generate or renew a signature by ECDSA when sensitive fields like password, userID, friend in database are added, deleted, and changed.
  • 4.When these data such as password, userID, contact, etc., are read by the server, the ECDSA signature authentication will be triggered. The following process is allowed only by the right signature.
  • 5.Server routines will be protected by signature and be encrypted.
  • D. Keys security
  • 1.SRP is used for all BAT passwords including login password, unlock passcode and auto login password, etc. These passwords are not stored on the server at all.
  • 2.The PriKey will only be stored in users' phone.
  • 3.Users can change their confidential code on the client at any anytime.
  • What is PubKey and PriKey?
  • PubKey is a public key while PriKey is a private key. They are generated in pair. Either of the keys can be used to encrypt a message; the opposite key of the pair is used for decryption.
  • It is called asymmetric cryptography due to encrypt via PubKey and decrypt via PriKey. RSA and ECDHE are asymmetric cryptography which is mentioned above.
  • How does asymmetric cryptography work?
  • 1.A pair of PriKey and PubKey will be generated separately on Alice's client and Bob's client before they send any message.
  • 2.PubKey is exchanged between Alice and Bob while PriKey is stored on the client.
  • 3.If Alice would like to send a message to Bob, this message would be encrypted via PubKeyB.
  • 4.Then Alice sends this encrypted message to Bob.
  • 5.Bob will decrypt this message via PriKeyB as soon as it is received. Any other PriKey is invalid to decrypt this message.