1

So we want to block file uploads on WhatsApp but since it's encrypted, I doubt this can be done, however, can PANOS decrypt WhatsApp??

I ask because WhatsApp doesn't exactly use SSL right, it's more of a PGP sort of encryption, can we decrypt that?

We're using Palo alto firewalls, they support decryption for TLS traffic but does this work for whatsapp encryption tech as well?

wannabemssp
  • 11
  • 1
  • You are asking if SSL inspection can casually break end-to-end encryption? – schroeder Mar 11 '22 at 11:42
  • You can block large payload size. WhatsApp message size is very small because they use FunXMPP for message transport. Size of media elements is in few Kilobytes. So it's easier to distinguish. – defalt Mar 11 '22 at 16:20
  • @schroeder yes that's the question in brief..and I'm asking about whatsapp mobile app to be specific – wannabemssp Mar 12 '22 at 12:32

1 Answers1

1

Probably not, the only definitive answer would come from the WhatsApp team.

Corporate firewall MITM depends on employee browsers trusting the certificate presented by the firewall. One can clearly see this effect if they have to use any other program which depends on TLS/HTTPS and is not informed of the firewall (aptitude package manager). There is no option for this in WhatsApp.

foreverska
  • 1,115
  • 11
  • I see..so basically we cannot import the corporate CA certificate to whatsapp, would it work if we add it to the mobile os itself? – wannabemssp Mar 12 '22 at 12:33
  • Please look up how WhatsApp's encryption works. It uses end-to-end encryption, not at the app level but at the conversation level. You would need to somehow gain all the keys to all the conversations. https://security.stackexchange.com/questions/119636/whatsapp-encryption-keys – schroeder Mar 12 '22 at 13:32