Whatsapp encryption keys

"I did not generate my private/public keys"

You didn't, but your device did.

"nor can I change them"

I wouldn't be surprised if they add that ability in future (as it'd just be a case of being allowed to authenticate with your existing key and then request that it be replaced: providing only a new public key at that point)

Could it be that the private keys were intercepted as they were being sent to users?"

The keys are generated client-side, or so they say...

"Could it be that Whatsapp kept the private keys, just in case the FBI gets really mad about not being able to access some account and demand cooperation?"

We'll see....

Their paper gives a decent description of what's going on and includes a link to the (open source) protocol library that they use.

However, as with any system, you ultimately have to trust that they're on your side and not the bad guy's (whoever that may be) because if they control the code and the updates to it, then they still have the power to release modifications targeting specific users etc if required... However, much like the Apple vs FBI case, it's really not in the tech companies' best interest to be seen to give in to such demands.

It is correct that you did not generate the keys, WhatsApp did. So you have to trust WhatsApp on this, and on not keeping any copy of the private key. At most you can verify that you are exchanging messages with whom you think you are by comparing the 'fingerprints' of the keys (again trusting WhatsApp on this as they tell you this information).

In short, you have to trust WhatsApp to follow the security protocol for each step as described here. WhatsApp source code is not available, therefore, if you use it, you must be aware that you are trusting WhatsApp on everything you do, whether the communication channel is said to be encrypted end-to-end or not.