End to End encryption
Signal (Protocol) (= Axolotl, previously) in yowsup
Yowsup now implements end-to-end encryption protocol found in Textsecure, which WhatsApp has recently adapted in their Android clients, and slowly coming to other platforms. This was achieved by porting libsignal-protocol-java library to python (python-axolotl) and integrating it with yowsup.
How it works in yowsup
Because of the layer-architecture in yowsup, it was easy to just snap in a new axolotl layer, without any of the other layers knowing/caring about the existence of this feature.
Remark(added 2016-09-xx): Please note that by now, the Axolotl Layer becomes Axolotl Layers. (Ref: "Split up axolotl into 3 layers")
The layer intercepts incoming and outgoing messages, and handles the following:
- Generating prekeys, signed prekey, identity key, registration id, persisting and sending them to WhatsApp if they don't exist
- Automatically regenerating and sending new keys when we get a notification from WhatsApp to do so
- Establishing sessions and fetching prekeybundle for a recipient with no session when you send a message to them.
- Transforming outgoing message data from upper layers into encrypted prewhispermessages/ whispermessages before sending them, depending on current session state.
- Transforming the incoming encrypted prewhispermessages/whispermessages into plaintext for upper layers to handle normally.
- Session data is stored in '.yowsup/YOUR_PHONE/axolotl.db' found in your user directory.