- cross-posted to:
- technology@lemmy.world
blog.cryptographyengineering.com
- cross-posted to:
- technology@lemmy.world
Blog post by crypto professor Matthew Green, discussing what Telegram does (I wasn’t familiar with it) and criticizing its cryptography. He says Telegram by default is not end-to-end encrypted. It does have an end-to-end “secret chat” feature, but it’s a nuisance to activate and only works for two-person chats (not groups) where both people are online when the chat starts.
It still isn’t clear to me why Telegram’s founder was arrested. Green expresses some concern over that but doesn’t give any details that weren’t in the headlines.
telegram put up bounties relating to specific properties of their encryption, yes but there’s more to private messaging than just encryption… for example afaik it’s trivial to do things like replay attacks
their encryption may not be flawed, but they failed to design an algorithm that protects against the wide array of modern attacks, as they are mathematicians; not security experts. they understood the maths, but not the wider scope of implementation
a good example of these is linked down thread about MLS
the telegram bounties afaik only cover 1 security property
But can you provide an example of an actual flaw being demonstrated by anybody with or without a bounty?