Security Analysis of Telegram (Symmetric Part) : telegram

this post was submitted on 19 Jul 2021

1 points (100.0% liked)

1216 readers

1 users here now

A community about Telegram, the popular messaging app.

Rules:

be kind and avoid aggressive or offensive language toward other people
do not submit links that are aimed at advertising your channels, groups or bots
English only
posts coming from other Fediverse platforms via ActivityPub (eg. Mastodon) will be removed if they are poorly described and do not fit the kind of structure one would expect from a news aggregator platform such as Lemmy

founded 5 years ago

MODERATORS

[email protected]

Security Analysis of Telegram (Symmetric Part) (mtpsym.github.io)

submitted 3 years ago* (last edited 3 years ago) by [email protected] to c/[email protected]

0 comments fedilink hide all child comments

[16/07/2021] Security analysis of Telegram that exposes 4 cryptographic weaknesses in MTProto. The vulnerabilities have been disclosed to Telegram on 16 April 2021, and have been addressed with the release of version 7.8.1 for Android, 7.8.3 for iOS and 2.8.8 for Telegram Desktop. They do not compromise the plaintext payload carried in transit-encrypted communications through standard MTProto, and the paper concludes that "MTProto can provide a confidential and integrity-protected channel if special care is taken when implementing the protocol". However, it also highlights how properly implementing the protocol is not a trivial task, that might lead to a brittleness/weak implementation: even the three major popular apps needed to be patched to mitigate the highlighted weaknesses.

direct link to the paper

Telegram's answer:

no comments (yet)

sorted by: hot top controversial new old

there doesn't seem to be anything here