[16/07/2021] Security analysis of Telegram that exposes 4 cryptographic weaknesses in MTProto. The vulnerabilities have been disclosed to Telegram on 16 April 2021, and have been addressed with the release of version 7.8.1 for Android, 7.8.3 for iOS and 2.8.8 for Telegram Desktop. They do not compromise the plaintext payload carried in transit-encrypted communications through standard MTProto, and the paper concludes that “MTProto can provide a confidential and integrity-protected channel if special care is taken when implementing the protocol”. However, it also highlights how properly implementing the protocol is not a trivial task, that might lead to a brittleness/weak implementation: even the three major popular apps needed to be patched to mitigate the highlighted weaknesses.
Telegram’s answer: