Gabriel Karl Gegenhuber, University of Vienna and UniVie Doctoral School Computer Science; Philipp É. Frenzel, SBA Research; Maximilian Günther and Aljosha Judmayer, University of Vienna
WhatsApp, the world’s largest messaging application, uses a version of the Signal protocol to provide end-to-end encryption (E2EE) with strong security guarantees, including Perfect Forward Secrecy (PFS). To ensure PFS right from the start of a new conversation—even when the recipient is offline—a stash of ephemeral (one-time) prekeys must be stored on a server. While the critical role of these one-time prekeys in achieving PFS has been outlined in the Signal specification, we are the first to demonstrate a targeted depletion attack against them on individual WhatsApp user devices. Our findings not only reveal an attack that can degrade PFS for certain messages, but also expose inherent privacy risks and serious availability implications arising from the refilling and distribution procedure essential for this security mechanism.
Open Access Media
USENIX is committed to Open Access to the research presented at our events. Papers and proceedings are freely available to everyone once the event begins. Any video, audio, and/or slides that are posted after the event are also free and open to everyone. Support USENIX and our commitment to Open Access.
author = {Gabriel Karl Gegenhuber and Philipp {\'E}. Frenzel and Maximilian G{\"u}nther and Aljosha Judmayer},
title = {Prekey Pogo: Investigating Security and Privacy Issues in {WhatsApp{\textquoteright}s} Handshake Mechanism},
booktitle = {19th USENIX WOOT Conference on Offensive Technologies (WOOT 25)},
year = {2025},
isbn = {978-1-939133-50-2},
address = {Seattle, WA},
pages = {209--227},
url = {https://www.usenix.org/conference/woot25/presentation/gegenhuber},
publisher = {USENIX Association},
month = aug
}
