Whatsapp encryption: are the public keys requested from the server every new message or only at session setup?
I was reading through a WhatsApp whitepaper (and all related questions here) and couldn't find an answer to this question: are the public keys for the recipient requested by the sender from WhatsApp servers every new message or only at session setup?
I'm asking this to know if WhatsApp, compelled by a government order, can, in theory, create a 'fake' public key for the recipient, which in reality belongs to WhatsApp itself, and in turn gain access to the communication between parties. I understand that this possibility exists because the keys are requested from WhatsApp servers, but are they requested at every new message (thus making it able to be intercepted at any time if the public keys are swapped) or only at the first communication between parties?
Also, I understood that they use 'forward secrecy', which means at every new message a new key-pair is generated, is that correct?
