Security Analysis of the Telegram IM

DEF CON 25

Presented by: Tomas Susanka (CTU Prague)
Date: Friday July 28, 2017
Time: 16:00 - 16:30
Location: Florentine Ballroom 4
Track: Crypto and Privacy Village

Telegram is apopular instant messaging service, a self-described fast and secure solution. It introduces its own home-made cryptographic protocol MTProto insteadof using already known solutions, which was criticised by a significant part of the cryptographic community.

In this talk we will briefly introduce the protocol to provide context to the reader and then present two majorfindings we discovered as part of our security analysis performed in late2016. First, the undocumented obfuscation method Telegram uses, and second, a replay attack vulnerability we discovered. The analysis was mainly focused on the MTProto protocol and the Telegram's official client for Android.

Tomas Susanka

Tomáš Sušánka studied and lives in Prague and occasionaly otheruniversities and cities because, according to him, why not. He wrote hisMaster's thesis on Telegram IM and amongst other things discovered an undocumented obfuscation and a possible vulnerability, which he then reportedto the powers that be. Earlier this year he graduated from FIT CTU and currently would like to move into the world of infosec. He's joining Cloudflare's crypto team for a summer internship in 2017. When he wasn't roaming the world and studying abroad he worked on a number of web applications, APIs and a Q&A mobile game. He likes to eat grapefruits before going to bed and playing chess, as unlikely a combination as it sounds.


KhanFu - Mobile schedules for INFOSEC conferences.
Mobile interface | Alternate Formats