Now Reading
Decrypting encrypted WhatsApp databases without the key

Decrypting encrypted WhatsApp databases without the key

Every month our lab receives lots of requests to decrypt encrypted WhatsApp databases without the crypt key. In this article we’ll speak about available methods of the key extraction or recovery and the perspectives of decryption of encrypted WhatsApp databases without the crypt key.


WhatsApp crypt key location


So, what is the crypt key? It is a file with “key” name stored in  userdata/data/сom.whatsapp/files/.



Figure 1. The “key” file


The crypt key extraction and recovery


The main problem of decryption encrypted WhatsApp databases is that the key is always stored on the device, but encrypted databases can be also stored on it’s SD card, for example.



Figure 2. Encrypted WhatsApp databases


Usually to extract the crypt key a digital forensic examiner must perform a physical extraction from the device. But it’s not always possible due to software and hardware issues of some mobile devices. Of course, there are methods of extraction the crypt key from non-rooted devices, but these techniques can be applied to a limited number of devices.

If your client has the SIM-card used for the crypt key generation on the examined device, we can get a new key via reinstalling WhatsApp. The new key can be used to decrypt old databases.

The crypt key mining: a digital forensic examiner can try to recover the deleted key from the examined mobile device. Of course, you’ll need a physical image of the device. Extract strings and choose those with morphology similar to the crypt keys. Then try to use these keys to decrypt the encrypted databases you got.


The perspectives of decryption of encrypted WhatsApp databases without the crypt key


Nowadays there are no public solutions for decryption of encrypted WhatsApp databases without the crypt key.



Figure 3. Decrypted WhatsApp database (confidential information is not displayed)


In our opinion there are two main ways to solve the problem:

  • reverse engineering of WhatsApp code in order to understand the encryption algorithm. Very often the bugs in code allow the cell phone forensic expert to make development of decryption method much easier, or even find backdoors which help to decrypt the data very quick;
  • using mainframes or clouds to brute-force the crypt key. This technique shows very good results in password recovery and data decryption. Of course, it’s too expensive to use for WhatsApp databases decryption.

If you have any questions on WhatsApp databases decryption feel free to contact us using this form.

About the authors:

Igor Mikhaylov

Interests: Computer, Cell Phone & Chip-Off Forensics

Oleg Skulkin

Interests: iOS forensics, Android forensics, Mac OS X forensics, Windows forensics, Linux forensics

  • Gajanan
    2018-04-04 at 8:06 AM

    very usfule

  • surya
    2018-06-26 at 7:58 AM

    i need more help, can u help me

  • 2018-09-04 at 12:33 AM

    Ok, i’ve cracked a google account and have downloadedd the crypt12 db file from the google drive but i dos’t have any access to the users phone also i need an other way to crack the database. I’ve a 2 gforce 1080ti graphic cards, can i use thier GPUs to crack the database or it’s impossible because it’s a to long time? I meen when i need to wait mor then one billion years it’s not a practicular way for a atac but what is with rainbow tables?

    And other quastion, have someone found any backdoors or exploits for the whatsapp algorytm?

  • Ronny
    2018-10-18 at 10:23 AM

    through which application your encrypted that less amount of whatsapp data? i know there isnt showing confidential info but msgs. How did you get that?

  • John
    2018-12-11 at 12:28 AM

    I’ve tried to extract WhatsApp Crypt Key from Android 7.0 WhatsApp 2.18.361 and it is not working. Apparently it is an issue with Android 7.

    I physically have the phone. Do you know of a method I can used, even if with paid software, to get the key file?

  • arsenio
    2018-12-28 at 6:07 AM

    “reverse engineering of WhatsApp code in order to understand the encryption algorithm.” the encryption algorithm used by WA is known (AES based). The only missing part is the access to the key generation algo that looks to be done on their servers. So two possibilities, they generate them in a deterministic way (get the salt and the algo running on their servers) or they are randomly generated… find a hole in their webservices to get keys without the sms/phonecall handshake

  • Ismail Noor
    2020-01-16 at 1:01 PM

    Any body help me on decrypting encrypted whatsapp database file without key ?

  • Jhon
    2020-03-26 at 12:15 AM
    Please read me
    I need help you

  • Nandu
    2021-01-20 at 1:29 AM

    I have doubts sir..can you contact me

  • zero cool
    2021-03-11 at 1:25 PM


    Nice atricle and amazing blog by the way… Forensics stuffs are always challengers and very interesting.

    I have here both the key and the whatsapp database, because I can access the smartphone phiscally.

    My question is: which software I need to use to decrypt the database and read the messages? Any tip on this?


  • Gian
    2021-04-12 at 8:55 AM

    How to get whatsapp key from android 8.0 or above and is same key will work on old whatsapp database like crypt 7 ,8 .
    How to decrepyt old and new one database ?

  • MJ
    2021-08-10 at 4:56 PM

    I do access to an icloud account and I managed to download “ChatStorage.sqlite.enc” file.
    I have icloud username and password, phone IMEI and I know the phone number, but I do not have access to the number.

    So, how can I decrypt the database?


  • raul zambrano
    2021-09-20 at 10:34 AM

    have the whatsapp-key of a samsung s7, but it is migrated to a Xiomi 10, the number is the same, I can somehow modify the key to continue reading the messages

  • Abrosius Iipinge
    2022-01-19 at 6:54 PM

    I’m using Huawei Y7 2018 and it seems it doesn’t create any key in the andress Android/data/com.whatsapp folder. All I find in there is a file written “cache” and nothing else. Is there anyway I can get the key for crypt 14 WHATSAPP DATABASE?

Leave a Response

Please enter the result of the calculation above.