Jump to content
Tuts 4 You

A Practical Cryptanalysis of the Telegram Messaging Protocol

Teddy Rogers

About This File

The number one rule for cryptography is never create your own crypto. Instant messaging application Telegram has disregarded this rule and decided to create an original message encryption protocol. In this work we have done a thorough cryptanalysis of the encryption protocol and its implementation. We look at the underlying cryptographic primitives and how they are combined to construct the protocol, and what vulnerabilities this has. We have found that Telegram does not check integrity of the padding applied prior to encryption, which lead us to come up with two novel attacks on Telegram. The first of these exploits the unchecked length of the padding, and the second exploits the unchecked padding contents. Both of these attacks break the basic notions of IND-CCA and INT-CTXT security, and are confirmed to work in practice. Lastly, a brief analysis of the similar application TextSecure is done, showing that by using well known primitives and a proper construction provable security is obtained. We conclude that Telegram should have opted for a more standard approach.

User Feedback

Recommended Comments

There are no comments to display.

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Create New...