“Attacks only get better.” That debate over Telegram highlights just how differently security researchers and law-enforcement officials view the cryptographic balance of power. As the rules of the IND-CCA game highlight, cryptographers often test their protocols against what they assume will be a nearly-omnipotent adversary, one with what amounts to a Magic 8-Ball.

In 2014, for example, when Telegram’s more popular competitor WhatsApp decided to upgrade its security, it did so by working with Open Whisper Systems to implement that organization’s well-regarded TextSecure protocol.

In that light, Telegram’s choice to pursue an original design stands out.

This October, a little over a month after the two first alerted Telegram to their finding, the organization answered that a future patch would address the concern they had raised.

The dispute has less to do with this specific attack than with what cryptographers say it signals: a deeper shakiness in Telegram’s home-brewed approach to encryption.

“They came up with something totally new, and a little weird, and mysterious,” the Johns Hopkins University professor Matthew Green said.

“It’s like coming up and finding a submarine where the doors are made out of Saran Wrap.

That standard is meant to imply that an attacker trying to decipher a message can’t wring information out of the encrypted version. If an adversary asks Telegram to encrypt one of two messages, and receives the encrypted version in return, it shouldn’t be possible to guess which message was enciphered, at least not with better odds than chance—even if you give the adversary access to a “decryption oracle” that can crack any message secured by the same algorithm.

By design it’s a heavy burden of proof, and on a narrow, technical level, Telegram fails the test.
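The game described above can be played in a few lines of code. This is an added example, not taken from the article and not Telegram's protocol: a toy cipher with no integrity check loses every round, while the same cipher with a MAC leaves the adversary guessing. The cipher, messages and function names are constructed for illustration; as in the standard game, the oracle refuses only the challenge ciphertext itself.

```python
import hashlib, hmac, secrets

def _stream(key, nonce, n):
    out, ctr = b"", 0  # SHA-256 in counter mode as a toy keystream (constructed)
    while len(out) < n:
        out += hashlib.sha256(key + nonce + ctr.to_bytes(4, "big")).digest()
        ctr += 1
    return out[:n]

def _xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))

class Malleable:
    """Encryption with no integrity check: any ciphertext decrypts to something."""
    def __init__(self):
        self.key = secrets.token_bytes(32)
    def encrypt(self, m):
        nonce = secrets.token_bytes(16)
        return nonce + _xor(m, _stream(self.key, nonce, len(m)))
    def decrypt(self, c):
        return _xor(c[16:], _stream(self.key, c[:16], len(c) - 16))

class Authenticated(Malleable):
    """Same cipher with encrypt-then-MAC: altered ciphertexts are rejected."""
    def __init__(self):
        super().__init__()
        self.mac_key = secrets.token_bytes(32)
    def encrypt(self, m):
        c = super().encrypt(m)
        return c + hmac.new(self.mac_key, c, hashlib.sha256).digest()
    def decrypt(self, c):
        body, tag = c[:-32], c[-32:]
        good = hmac.new(self.mac_key, body, hashlib.sha256).digest()
        return super().decrypt(body) if hmac.compare_digest(tag, good) else None

def play(scheme, m0=b"attack at dawn", m1=b"attack at dusk"):
    """One round of the game; returns True if the adversary names the message."""
    b = secrets.randbelow(2)
    challenge = scheme.encrypt((m0, m1)[b])
    oracle = lambda c: None if c == challenge else scheme.decrypt(c)
    # Adversary: flip one ciphertext bit, ask the oracle, then undo the flip.
    tweaked = challenge[:16] + bytes([challenge[16] ^ 1]) + challenge[17:]
    answer = oracle(tweaked)
    if answer is None:  # rejected: nothing learned, so toss a coin
        return secrets.randbelow(2) == b
    return (0 if bytes([answer[0] ^ 1]) + answer[1:] == m0 else 1) == b

def win_rate(scheme_cls, rounds=400):
    return sum(play(scheme_cls()) for _ in range(rounds)) / rounds
```

`win_rate(Malleable)` is exactly 1.0, while `win_rate(Authenticated)` hovers around 0.5, the "no better than chance" outcome the standard demands.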

And when the pair went looking for a flaw in the protocol, they found one.

