The head of Information and Communication Technologies Authority of Turkey said this on Twitter yesterday:
WhatsApp can read your end to end encrypted messages when necessary. It can decrypt your messages by using a golden key that stored in device memory.
Is there any evidence to this?
No, it's implausible that WhatsApp owns a key to read your end-to-end encrypted messages.
WhatsApp implements end-to-end encryption per the Signal protocol which has maintained a good reputation in the security community. From their security whitepaper:
WhatsApp messages, voice and video calls between a sender and receiver that use WhatsApp client software released after March 31, 2016 are end-to-end encrypted.
The Signal Protocol, designed by Open Whisper Systems, is the basis for WhatsApp’s end-to-end encryption. This end-to-end encryption protocol is designed to prevent third parties and WhatsApp from having plaintext access to messages or calls. What’s more, even if encryption keys from a user’s device are ever physically compromised, they cannot be used to go back in time to decrypt previously transmitted messages.
The last point refers to the property of forward secrecy which the Signal protocol provides by implementing the double ratchet algorithm. This means that even by compromising the current session, WhatsApp wouldn't be able to decrypt any past traffic - there just is no single key that could be used to "decrypt all your messages". So the claim make no sense considering how the protocol works.
That said - while the Signal protocol is open source, the WhatsApp client from your app store is not. If you distrust them to a degree that you expect WhatsApp to ship a backdoor routine in one of their updates, then you'll have to find an alternative messenger to trust.
A "golden key stored in device memory"? Not that I know of.
But WhatsApp does have a vulnerability that potentially allows it to access any messages not yet marked as delivered, according to this Guardian article from 13 January 2017:
WhatsApp has the ability to force the generation of new encryption keys for offline users, unbeknown to the sender and recipient of the messages, and to make the sender re-encrypt messages with new keys and send them again for any messages that have not been marked as delivered.
The recipient is not made aware of this change in encryption, while the sender is only notified if they have opted-in to encryption warnings in settings, and only after the messages have been re-sent. This re-encryption and rebroadcasting effectively allows WhatsApp to intercept and read users’ messages.
The security loophole was discovered by Tobias Boelter, a cryptography and security researcher at the University of California, Berkeley. He told the Guardian: “If WhatsApp is asked by a government agency to disclose its messaging records, it can effectively grant access due to the change in keys.”
The vulnerability is not inherent to the Signal protocol. Open Whisper Systems’ messaging app, Signal, the app used and recommended by whistleblower Edward Snowden, does not suffer from the same vulnerability.
This a bit like having a golden key for the conversation concerned, in that it could allow access to all future messages in that conversation, from the moment of the interception onwards:
Boelter said: “[Some] might say that this vulnerability could only be abused to snoop on ‘single’ targeted messages, not entire conversations. This is not true if you consider that the WhatsApp server can just forward messages without sending the ‘message was received by recipient’ notification (or the double tick), which users might not notice. Using the retransmission vulnerability, the WhatsApp server can then later get a transcript of the whole conversation, not just a single message.”
