Meta Advances End-to-End Encrypted Backups with HSM Vault Upgrades
Meta strengthens end-to-end encrypted backups for WhatsApp and Messenger with two HSM vault upgrades: over-the-air fleet key distribution and published evidence of secure fleet deployments that users can verify.
The Foundation: HSM-Based Backup Key Vault
Meta has built a sophisticated infrastructure known as the HSM-based Backup Key Vault to secure end-to-end encrypted backups for both WhatsApp and Messenger. This system empowers users to protect their chat history with a recovery code, which is stored inside tamper-resistant hardware security modules (HSMs). Critically, neither Meta, cloud storage providers, nor any third party can access this code. The vault operates as a geographically distributed fleet across multiple data centers, ensuring resilience through a majority-consensus replication mechanism.

Passkeys and Infrastructure Strengthening
Toward the end of last year, Meta simplified the process of enabling end-to-end encryption for backups using passkeys. Now, the company is reinforcing the underlying infrastructure that protects password-based end-to-end encrypted backups with two significant updates: over-the-air fleet key distribution for Messenger and a commitment to publishing evidence of secure fleet deployments.
Over-the-Air Fleet Key Distribution
To verify the authenticity of an HSM fleet, client applications must validate the fleet's public keys before establishing a secure session. In WhatsApp, these keys are hardcoded into the application itself. However, to support Messenger—where new HSM fleets may need to be deployed without forcing users to update the app—Meta devised a method to distribute fleet public keys over the air as part of the HSM's response. These keys are delivered in a validation bundle that is signed by Cloudflare and then counter-signed by Meta, providing independent cryptographic proof of their authenticity. Additionally, Cloudflare maintains an audit log of every validation bundle issued. The complete validation protocol is detailed in Meta's whitepaper, “Security of End-To-End Encrypted Backups.”
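
The client-side check described above, shown as an added Go example (not Meta's or Cloudflare's code): a bundle's fleet keys are accepted only when both pinned signers verify. Ed25519, the `Bundle` layout, the rule that the counter-signature covers the keys plus the first signature, and all function names are assumptions; the real protocol is specified in the whitepaper.

```go
package main

import (
	"crypto/ed25519"
	"errors"
	"fmt"
)

// Bundle is a hypothetical layout; the real format is in Meta's whitepaper.
type Bundle struct {
	FleetKeys  []byte // serialized fleet public keys, opaque here
	FirstSig   []byte // first signer (Cloudflare) over FleetKeys
	CounterSig []byte // counter-signer (Meta) over FleetKeys || FirstSig
}

var (
	ErrFirstSig   = errors.New("first signature invalid")
	ErrCounterSig = errors.New("counter-signature invalid")
)
// countersigned returns the bytes the counter-signature covers (assumed).
func countersigned(keys, firstSig []byte) []byte {
	return append(append([]byte{}, keys...), firstSig...)
}

// VerifyBundle releases the fleet keys only if both pinned signers verify.
func VerifyBundle(b Bundle, firstPub, counterPub ed25519.PublicKey) ([]byte, error) {
	if !ed25519.Verify(firstPub, b.FleetKeys, b.FirstSig) {
		return nil, ErrFirstSig
	}
	if !ed25519.Verify(counterPub, countersigned(b.FleetKeys, b.FirstSig), b.CounterSig) {
		return nil, ErrCounterSig
	}
	return b.FleetKeys, nil
}

// SignBundle builds constructed sample bundles for the demo and tests.
func SignBundle(keys []byte, firstPriv, counterPriv ed25519.PrivateKey) Bundle {
	first := ed25519.Sign(firstPriv, keys)
	return Bundle{keys, first, ed25519.Sign(counterPriv, countersigned(keys, first))}
}

func main() {
	cfPub, cfPriv, _ := ed25519.GenerateKey(nil) // constructed demo keys
	metaPub, metaPriv, _ := ed25519.GenerateKey(nil)
	b := SignBundle([]byte("constructed-fleet-keys"), cfPriv, metaPriv)
	_, ok := VerifyBundle(b, cfPub, metaPub)
	b.FleetKeys[0] ^= 1 // flip one bit of the delivered keys
	_, bad := VerifyBundle(b, cfPub, metaPub)
	fmt.Println("valid:", ok, "| tampered:", bad)
}
```

Requiring both signatures means a bundle signed by only one of the two parties is rejected, which is the property the independent counter-signature is meant to provide.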

Transparent Fleet Deployment
Transparency in the deployment of the HSM fleet is essential to demonstrating that the system behaves exactly as designed and that Meta cannot access users' encrypted backups. To this end, Meta will now publish evidence of the secure deployment of each new HSM fleet on this blog page—further cementing its leadership in secure encrypted backups. New fleet deployments are infrequent, typically occurring no more than once every few years. Meta commits to proving that each new fleet is deployed securely, and any user can verify this by following the steps outlined in the Audit section of the whitepaper.
Technical Specification
For the complete technical specification of the HSM-based Backup Key Vault, including the full validation protocol and audit procedures, refer to the whitepaper titled “Security of End-To-End Encrypted Backups.” This document provides an in-depth look at the architecture and security guarantees of the system.
How Users Can Verify Fleet Deployments
As mentioned, users can independently verify that each newly deployed HSM fleet is genuine and secure. The process involves downloading the published evidence from this blog, cross-referencing it with the Cloudflare audit log, and following the cryptographic verification steps described in the whitepaper. This ensures that the HSM fleet is exactly what Meta claims and that no unauthorized modifications have occurred.