WhatsApp protocol analysis report
0. Analysis Conclusion:
1.whatsapp audio and video communication, must be on the other side to agree on the basis of communication, only to obtain the other side of the network IP address, after the flow of WhatsApp communication analysis, found to be unaware of the other side of the case to obtain the IP address, is impossible to achieve. See the analysis process below for details.
2.WhatsApp voice calls are encrypted, and the key is transmitted to each other through the XMPP protocol before the call begins, so the communication process is unable to listen to the chat content. See the analysis process below for details.
1, the acquisition of voice communications to the end of the external network IP analysis process:
scenario: Clienta to CLIENTB to initiate voice call request, CLIENTB agreed to telephone request, and ultimately terminated by CLIENTB call Request!!
first, Clienta to CLIENTB to initiate a voice call request,The Clienta end invokes the Startcall function,
1. Call Generatee2ekeys to generate a e2e Callkey, Callkeyencryption and decryption of data used for calls
2. Send a Calloffer request to CLIENTB, the request package contains Callkey 3.ClientB received Calloffer request, read out the Callkey, for the call of data encryption and decryption, 4. Then reply to apreaccept A reply package to Clienta. The package contains some property information about the audio and video used to clienta the parameters of the player that initialized the Openslse
4.ClientA receivedpreaccept Request packet information, initialize, prepare for the call. Then wait for the CLIENTB choice: agree to the call, or reject the call.
Second, ClientB: agree to call request---client sideCall Acceptcall 1. Call Audiostream to start CLIENTB communication from operation, SRTP operation, OpenSL audio aspect operation
2. Send the Accept reply package to Clienta, accept contains,CLIENTB IP address--endpoints, audio and video encoding format--encoding, sample acquisition rate: 3.ClientA received the Accept package, callingnativehandlecallofferaccept function, receive peer IP address, and then establish a to-do connection, the connection successfully started the call
Comprehensive analysis:must need CLIENTB agree to call, in order to get the user ClientB IP address, so to achieve a quiet way to obtain the IP address of the end is impossible is a thing.
2, Voice communication voice information encryption and decryption analysis process:1.WHATSAPP of voice communication is transmitted using the SRTP protocol, as shown in:
2.WHATSAPP Voice data is encrypted two times before the network is transmitted, oncethe encryption of WhatsApp voice data, and the other is the SRTP transmission protocol internal encryption. Two times encryption is using symmetric encryption algorithm, two encryption keys are derived from a 32-bit random variable callkey. The Callkey is delivered by Call-offer request packets based on the analyst above before the call.
Sum up:can not be decrypted by the voice packet to achieve the listening to the Voice!!!
Null
WhatsApp protocol Analysis Report
