Comment by defraudbah
4 months ago
In short, you don't need access to the device, only to the same network.
If you are on the same network and manage either to intercept the key and bruteforce it, or to guess the encryption key with the emoji, it's possible to decrypt the whole chat. It works because Telegram's random generator uses time and some device information, which is predictable.
The study managed to decrypt 500 messages out of 500 on emulator devices. Bruteforcing takes like a few $100 worth of computing power.
Honestly, the Durovs are exceptional people and entrepreneurs; however, their encryption and what they say isn't always what it's presented as.
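The comment above argues that a key derived from a generator seeded with time (plus other guessable device data) can be recovered by bruteforce. As an added illustration that is not part of this thread and says nothing about Telegram's actual implementation, the following Python example shows the general point: a key produced by a non-cryptographic PRNG seeded with a coarse timestamp lives in a keyspace of only a few hundred candidates if the generation time is known to within a couple of minutes, whereas a key from the OS CSPRNG does not. The `weak_key`, `strong_key` and `find_seed` names and the constructed timestamp are assumptions of this example; `find_seed` is written as the audit a defender runs against their own key generator to confirm it is not predictable.

```python
import secrets
import random
from typing import Optional

KEY_LEN = 16  # 128-bit key, as a constructed example size

def weak_key(seed_timestamp: int) -> bytes:
    """Hypothetical weak generator: seeds a non-cryptographic PRNG
    (Mersenne Twister) with a one-second-resolution timestamp.
    Same seed -> same key, so the key is fully determined by the time."""
    rng = random.Random(seed_timestamp)
    return rng.getrandbits(KEY_LEN * 8).to_bytes(KEY_LEN, "big")

def strong_key() -> bytes:
    """Correct generator: draws from the OS CSPRNG, which is not a
    function of the clock or of any attacker-guessable device state."""
    return secrets.token_bytes(KEY_LEN)

def find_seed(key: bytes, approx_time: int, window_seconds: int) -> Optional[int]:
    """Audit check: given a key and an estimate of when it was generated,
    walk every timestamp within +/- window_seconds and report the seed that
    reproduces the key. Returns None when the key is not reachable from
    any candidate seed, i.e. when the generator is not time-predictable.
    The search space is 2*window_seconds + 1 candidates, not 2**128."""
    for t in range(approx_time - window_seconds, approx_time + window_seconds + 1):
        if weak_key(t) == key:
            return t
    return None

def candidate_space(window_seconds: int) -> int:
    """Number of seeds the audit has to try for a given time uncertainty."""
    return 2 * window_seconds + 1

if __name__ == "__main__":
    # Constructed example: a key generated at a fixed Unix time, audited with
    # an estimate that is off by 37 seconds and a 2-minute uncertainty window.
    generated_at = 1_700_000_000
    wk = weak_key(generated_at)
    print("weak key recovered from seed:", find_seed(wk, generated_at + 37, 120))
    print("candidates searched at most:", candidate_space(120))
    print("strong key recovered from seed:", find_seed(strong_key(), generated_at, 120))
```

The audit deliberately compares whole keys rather than partial material: if `find_seed` ever returns a timestamp for a key your system produced, the generator is seeded from the clock and must be replaced with the platform CSPRNG (`secrets` / `os.urandom` in Python, or the equivalent on other platforms).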
In a very real sense you do need access to the device to install the backdoored client.
There is no actual cryptographic weakness presented here...
Went through it again, you are right, network access alone isn't enough. It's more about installing a third-party app (like Telegram Desktop, or a modified version from the store if intervened by the government or any other third party).
But the protocol itself does not look reliable, since encoding 85% of messages is quite easy once you change your message padding a bit, according to the paper, unlike what's used in Signal.
I am sure that there are a zillion ways to leak information in Signal if you can hack the client. This sort of thing is normally assumed in threat models.