
Silent Signals: Side-Channel Exploitation in Multi-Device End-to-End Encrypted Messengers
- easycore
- Security research
- August 12, 2025
At DEF CON 2025, Gabriel Gegenhuber and Maximilian Günther presented
Silent Signals: Exploiting Security and Privacy Side-Channels in End-to-End Encrypted Messengers,
an empirical investigation into the exploitation of protocol- and implementation-level side-channels in widely deployed E2EE systems, specifically WhatsApp and Signal in multi-device configurations.
Summary of Findings
The researchers demonstrate that, despite the confidentiality guarantees of end-to-end encryption, secondary information channels can be leveraged to infer sensitive metadata. Identified vectors include:
Delivery Receipt Timing Side-Channel — Manipulated message reactions and malformed message identifiers can elicit delivery receipts without user-visible artifacts. Analysis of round-trip time (RTT) variations enables:
- Determination of device online/offline status
- Estimation of user activity and screen state
- Potential inference of physical location
Operating System Fingerprinting and Activity Profiling — Divergences in client protocol handling across operating systems (iOS, Android, desktop) permit identification of the victim’s platform, network conditions (e.g., LTE vs. Wi-Fi), and behavioral patterns.
Resource Exhaustion Attacks — Engineered message payloads can cause excessive data consumption (~13 GB/hour) and battery depletion (~18 %/hour) without user interaction.
Prekey Depletion in WhatsApp — Systematic querying of one-time prekeys enables:
- Remote tracking of device availability
- Downgrading of cryptographic session establishment by forcing reliance on longer-lived keys, thereby weakening Perfect Forward Secrecy (PFS)
Prekey-Based Denial of Service — Saturating the prekey allocation mechanism prevents the initiation of new secure sessions by third parties.
Implications
These results indicate that E2EE protects message content but not necessarily the confidentiality of metadata. Multi-device synchronization introduces additional attack surface, since each linked device is an independent leakage vector. This has direct implications for user privacy, forensic investigations, and adversarial surveillance.
Recommended Countermeasures
- Implement rate-limiting on sensitive protocol interactions
- Standardize client behavior across platforms to reduce fingerprinting vectors
- Strengthen client-side validation of incoming message structures
- Randomize delivery receipt issuance timings to mitigate timing analysis
- Provide explicit indicators to the user when PFS guarantees are absent
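To make two of these countermeasures concrete, the following is an added example (not code from the talk, nor from WhatsApp or Signal): a deliberately simplified, constructed model of a prekey server that rate-limits bundle fetches per requester/target pair, together with a client-side check that flags a session whose bundle arrived without a one-time prekey, which is the "degraded PFS" condition the prekey-depletion finding describes. Class and function names are assumptions for illustration.

```python
from collections import defaultdict, deque
from dataclasses import dataclass, field

# Constructed model: each device uploads one long-lived signed prekey plus a
# batch of one-time prekeys (OTPKs). A bundle fetch consumes one OTPK while any
# remain; once they are exhausted, new sessions fall back to the signed prekey.

@dataclass
class DeviceKeys:
    signed_prekey: str
    one_time_prekeys: deque = field(default_factory=deque)

class PrekeyServer:
    def __init__(self, max_fetches: int, window_s: float):
        self.devices: dict[str, DeviceKeys] = {}
        self.max_fetches = max_fetches          # allowed fetches per pair per window
        self.window_s = window_s
        self._fetch_log = defaultdict(deque)    # (requester, target) -> timestamps

    def register(self, device_id: str, signed_prekey: str, otpks: list[str]) -> None:
        self.devices[device_id] = DeviceKeys(signed_prekey, deque(otpks))

    def fetch_bundle(self, requester: str, target: str, now: float):
        """Return a key bundle, or None if this requester has exceeded the
        per-target fetch limit within the sliding window (mitigates systematic
        OTPK querying used for availability tracking and prekey depletion)."""
        log = self._fetch_log[(requester, target)]
        while log and now - log[0] > self.window_s:
            log.popleft()                       # drop timestamps outside the window
        if len(log) >= self.max_fetches:
            return None
        log.append(now)
        dev = self.devices[target]
        otpk = dev.one_time_prekeys.popleft() if dev.one_time_prekeys else None
        return {"signed_prekey": dev.signed_prekey, "one_time_prekey": otpk}

    def otpks_remaining(self, device_id: str) -> int:
        """Lets the owning device decide when to replenish its OTPK batch."""
        return len(self.devices[device_id].one_time_prekeys)

def session_pfs_status(bundle: dict) -> str:
    """Client-side check: a bundle with no OTPK means the session's initial
    secret rests solely on the long-lived signed prekey, so the UI should
    surface an explicit 'reduced forward secrecy' indicator."""
    return "full" if bundle["one_time_prekey"] else "degraded: no one-time prekey"
```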
Conclusion
While formal E2EE protocols may be cryptographically robust, their deployment in heterogeneous, multi-device ecosystems presents exploitable side-channel vulnerabilities. Securing such systems requires equal emphasis on metadata minimization, cross-platform consistency, and resilience against timing- and resource-based attacks.