Security Analysis of the Telegram IM

Tomáš, Sušánka; Kokeš, Josef

doi:10.1145/3150376.3150382

Cited by 13 publications

(8 citation statements)

References 2 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…[11], and corroborates prior work that established the use of Telegram by activists [33]. However, Telegram has received relatively little attention from the cryptographic community [53,58] or information security research [1,6,97]. As noted in [58], academic attention is focused on the Signal Protocol partly due to its strong security promises such as forward secrecy and post-compromise security.…”

Section: Secure Messagingsupporting

confidence: 67%

Collective Information Security in Large-Scale Urban Protests: the Case of Hong Kong

Albrecht¹,

Blasco²,

Jensen³

et al. 2021

Preprint

View full text Add to dashboard Cite

The Anti-Extradition Law Amendment Bill protests in Hong Kong present a rich context for exploring information security practices among protesters due to their large-scale urban setting and highly digitalised nature. We conducted indepth, semi-structured interviews with 11 participants of these protests. Research findings reveal how protesters favoured Telegram and relied on its security for internal communication and organisation of on-the-ground collective action; were organised in small private groups and large public groups to enable collective action; adopted tactics and technologies that enable pseudonymity; and developed a variety of strategies to detect compromises and to achieve forms of forward secrecy and post-compromise security when group members were (presumed) arrested. We further show how group administrators had assumed the roles of leaders in these 'leaderless' protests and were critical to collective protest efforts.

show abstract

Section: Secure Messagingsupporting

confidence: 67%

Collective Information Security in Large-Scale Urban Protests: the Case of Hong Kong

Albrecht¹,

Blasco²,

Jensen³

et al. 2021

Preprint

View full text Add to dashboard Cite

show abstract

“…The procedure taken in this research development consists of 9 steps described as follows: (1) In the analysis of problem-solving needs include activities: (a) analyzing the existing conditions, namely looking for the root problems of the needs to be solved by learners (learners) who is the goal of problem-solving learning outcomes; (b) identify what needs to be mastered (knowledge, attitudes, and skills) to solve problems and follow up on possible new problems that need to be solved; (c) identify the difference between the expected goal condition and the existing condition; (d) determine and document the strengths that exist related to performance, and (e) determine what are the priorities to overcome the existing problems. The needs analysis is done by observation, interviews, and questionnaires, (2) In the analysis of learning resources includes activities analyzing the sources of people and media, namely: (a) Identification of learning resources includes the ability to teach staff, other teaching staff, computer technicians to develop online learners, offline, and mobile both owned by schools and outside the school, (b) identification of learning resources available include print, audio, audiovisual, computer, internet, and smartphone learning resources at school, (c) identification of learning resources There are printed learning resources, audio, audiovisual, computer, internet, and smartphone that are outside the school (WEB and other accesses. (3) At this stage, an analysis of the initial abilities and characteristics of students will be conducted, (4) Formulating learning objectives have been identified based on the previous steps, then arranged in order of the most important things.…”

Section: Research and Development Proceduresmentioning

confidence: 99%

“…Online learning enables the learning process that can achieve in the form of "complex skills" needed in the global era while enabling student-centered learning [1]. Meanwhile, according to [2] mentions some potential that can be developed from online learning resources in the learning process, it enables the learning process that can achieve achievements in the form of "complex skills" needed in the global era while enabling student-centered learning [3]. Meanwhile, according to [4] mentions some potential that can be developed from online learning resources in the learning process namely: (1) drawing on web-based material to be used by students both within and outside lesson time, (2) teachers modifying and adapting web-based resources for use with their students, (3) teachers using the Internet to support their professional needs.…”

Section: Introductionmentioning

confidence: 99%

Developing E-learning Module by Using Telegram Bot on ICT for ELT Course

Aisyah¹,

Istiqomah²,

Muchlisin³

2021

Advances in Social Science, Education and Humanities Research

View full text Add to dashboard Cite

Pre-service teachers who are taking undergraduate education after graduating will face generation z students, where students are already facing the 21st century and gadgets have become their playmates. Using gadgets that only for playing games and social media has been deemed less useful. It needs to facilitate teaching how to make learning media using smartphones to equip pre-service teachers to be proficient in utilizing technology, which is called MALL. The objective of this study is to produce a product of teaching materials based e-learning by telegram bot application. The materials are about ICT in English language teaching course. This course is for the seventh-semester students in the English education study program Universitas PGRI wiranegara pasuruan. The method is research and development (RnD). The steps are finding the problems. Collecting data, product design, design validation, design revision, product try out, product revision, utility testing, final product revision, and dissemination. the product has been not only validated materials and media but also testing usage. the materials validation expert shows that the average percentage is 94% and the media expert validation shows that the average percentage is 72%. The tryout result shows that the average percentage is 82%. The dissemination product shows that the average percentage is 87%. Based on the results shows that this e-learning materials product includes an invalid category.

show abstract

“…Besides, earlier versions of the protocol did not provide forward secrecy, and message sequence numbers were managed by the server, so that a malicious server could easily perform replay attacks [12]. Another form of replay attack was discovered in Android's Telegram client v3.13.1 [18], where the same message could be accepted twice by a client after 300 more messages had been sent. This was due to a flaw in the implementation, which did not abide by Telegram's Security Guidelines for Client Developers; in particular, the app did not check that the message ID of the received message was greater than any of the stored IDs.…”

Section: Related Workmentioning

confidence: 99%

“…This was due to a flaw in the implementation, which did not abide by Telegram's Security Guidelines for Client Developers; in particular, the app did not check that the message ID of the received message was greater than any of the stored IDs. This was fixed in Telegram v3.16 [18].…”

Section: Related Workmentioning

confidence: 99%

Automated Symbolic Verification of Telegram's MTProto 2.0

Miculan,

Vitacolonna

2020

Preprint

View full text Add to dashboard Cite

MTProto 2.0 is a suite of cryptographic protocols for instant messaging at the core of the popular Telegram messenger application, which is currently used by more than 400 millions of people.In this paper we analyse MTProto 2.0 using ProVerif, a symbolic cryptographic protocol verifier based on the Dolev-Yao model. In particular, we provide a fully automated proof of the soundness of MTProto 2.0's authentication, normal chat, end-to-end encrypted chat, and re-keying mechanisms with respect to several security properties, including authentication, integrity, confidentiality and perfect forward secrecy. To prove these results we proceed in a modular way: each protocol is examined in isolation, relying only on the guarantees provided by the previous ones and the robustness of the basic cryptographic primitives.Our research proves the formal correctness of MTProto 2.0, and it can serve as a reference for implementation and analysis of clients and servers. Moreover, we isolate the aspects of cryptographic primitives that require further investigation, in order to deem this protocol suite definitely secure.

show abstract

Security Analysis of the Telegram IM

Cited by 13 publications

References 2 publications

Collective Information Security in Large-Scale Urban Protests: the Case of Hong Kong

Collective Information Security in Large-Scale Urban Protests: the Case of Hong Kong

Developing E-learning Module by Using Telegram Bot on ICT for ELT Course

Automated Symbolic Verification of Telegram's MTProto 2.0

Contact Info

Product

Resources

About