DEF CON 25 Crypto and Privacy Village - Tomas Susanka - Security Analysis of the Telegram IM

hvGyog57gwI/default.jpg

Telegram is a popular instant messaging service, a self-described fast and secure solution. It introduces its own home-made cryptographic protocol MTProto instead of using already known solutions, which was criticised by a significant part of the cryptographic community.

In this talk we will briefly introduce the protocol to provide context to the reader and then present two major findings we discovered as part of our security analysis performed in late 2016. First, the undocumented obfuscation method Telegram uses, and second, a replay attack vulnerability we discovered. The analysis was mainly focused on the MTProto protocol and the Telegram's official client for Android.



hvGyog57gwI/default.jpg
DEF CON 25 Crypto and Privacy Village - Tomas Susanka - Security Analysis of the Telegram IM DEF CON 25 Crypto and Privacy Village - Tomas Susanka - Security Analysis of the Telegram IM Reviewed by Unknown on January 13, 2018 Rating: 5