As security professionals, it's vital to understand the encryption protocols used in widely adopted messaging platforms. With Telegram's growing popularity, it's important to explore the custom encryption protocol it uses—MTProto—to secure communications. Let's take a deep dive into the technical aspects of MTProto and what it means for messaging security.

What is MTProto?

MTProto is Telegram's unique encryption protocol, currently in its 2.0 version. This protocol is designed to secure communications between clients and servers, replacing the industry-standard TLS protocol. However, it's worth noting that end-to-end encryption based on MTProto is optional on Telegram and, by default, isn’t available for group chats.

How MTProto Works

MTProto 2.0 leverages the following cryptographic methods:

  • 256-bit symmetric AES encryption
  • 2048-bit RSA encryption
  • Diffie-Hellman key exchange

Each message sent through MTProto involves a 64-bit key identifier (auth_key_id) and a 128-bit message key (msg_key). These elements, combined with the authorization key, create a 256-bit AES key and an initialization vector, used for encrypting messages in IGE (Infinite Garble Extension) mode.
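The derivation described above, as an added example that is not part of the original article or Telegram's own code: it follows the key derivation in Telegram's published MTProto 2.0 description and stops short of the AES-IGE step. The 2048-bit authorization key and the payload bytes are constructed sample values, and the function names are chosen for this illustration.

```python
import hashlib
import hmac

def auth_key_id(auth_key: bytes) -> bytes:
    """64-bit key identifier: the low-order 8 bytes of SHA-1(auth_key)."""
    return hashlib.sha1(auth_key).digest()[-8:]

def compute_msg_key(auth_key: bytes, padded: bytes, from_server: bool) -> bytes:
    """128-bit msg_key: middle 16 bytes of SHA-256(auth_key slice + padded plaintext)."""
    x = 8 if from_server else 0  # direction offset into auth_key
    return hashlib.sha256(auth_key[88 + x:120 + x] + padded).digest()[8:24]

def derive_aes_key_iv(auth_key: bytes, msg_key: bytes, from_server: bool):
    """Per-message 256-bit AES key and 256-bit IV for IGE mode."""
    x = 8 if from_server else 0
    a = hashlib.sha256(msg_key + auth_key[x:x + 36]).digest()
    b = hashlib.sha256(auth_key[40 + x:76 + x] + msg_key).digest()
    aes_key = a[:8] + b[8:24] + a[24:32]
    aes_iv = b[:8] + a[8:24] + b[24:32]
    return aes_key, aes_iv

def msg_key_matches(auth_key: bytes, decrypted: bytes,
                    received_msg_key: bytes, from_server: bool) -> bool:
    """Receiver-side check: recompute msg_key over the decrypted bytes and
    compare in constant time; a mismatch means the message must be rejected."""
    expected = compute_msg_key(auth_key, decrypted, from_server)
    return hmac.compare_digest(expected, received_msg_key)

# Constructed sample values (not real key material). A real payload carries
# protocol header fields and random padding; here it is opaque bytes padded
# with zeros to a multiple of 16.
AUTH_KEY = bytes(range(256))
PADDED = b"constructed sample payload" + bytes(22)

if __name__ == "__main__":
    mk = compute_msg_key(AUTH_KEY, PADDED, from_server=False)
    key, iv = derive_aes_key_iv(AUTH_KEY, mk, from_server=False)
    print("auth_key_id:", auth_key_id(AUTH_KEY).hex())
    print("msg_key    :", mk.hex())
    print("aes_key    :", key.hex())
    print("aes_iv     :", iv.hex())
    print("verified   :", msg_key_matches(AUTH_KEY, PADDED, mk, False))
```

Because msg_key depends on the plaintext, the AES key and IV change with every message, and the receiver's recomputation of msg_key after decryption is the protocol's integrity check.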

Security Aspects to Consider

Formal Verification: In 2020, researchers from the University of Udine formally verified MTProto 2.0 using ProVerif, an automated verifier that works in the symbolic Dolev-Yao model. Their study confirmed the protocol's effectiveness in providing authentication, integrity, confidentiality, and perfect forward secrecy.

Trust in Servers: Despite this formal verification, the researchers advised caution, noting that Telegram servers shouldn’t be fully trusted since they manage both plaintext and ciphertext communications.

Man-in-the-Middle Risk: A potential vulnerability exists if users don’t verify the fingerprints of their shared keys, which could open the door to man-in-the-middle attacks.

Cryptographic Foundation: MTProto relies on cryptographic primitives that require unique security considerations, which haven’t been extensively studied. This sets it apart from more established protocols like TLS.

Implementation Complexities: The complexity of MTProto might lead to errors in third-party clients, potentially compromising security.

Insights from Experts

Cryptography experts have raised concerns about certain aspects of Telegram’s security model, including:

  • The default storage of contacts, messages, and media, along with decryption keys, on Telegram servers.
  • The absence of default end-to-end encryption for all messages.
  • The use of a custom-designed encryption protocol instead of relying on well-established standards.

Conclusion: Choosing Secure Communication Tools

For activists, journalists, and others whose safety relies on secure communications, there are more robust options available than Telegram’s MTProto protocol:

Signal is often considered the gold standard for secure messaging. It uses open-source, end-to-end encryption for all communications by default, collects minimal user data, and has been thoroughly vetted by cryptography experts. Signal is free, easy to use, and available across all major platforms.

Threema offers a high level of security and anonymity. It doesn’t require a phone number or email for registration, uses end-to-end encryption for all communications, and stores minimal data on its servers. While it has a one-time cost, this supports a sustainable business model without relying on user data.

While these tools provide strong security, they should be used alongside other best practices:

  • Use a reputable VPN to mask your IP address and location.
  • Regularly update all software and apps to ensure you have the latest security patches.
  • Use strong, unique passwords and enable two-factor authentication where possible.
  • Stay aware of potential physical security risks and practise good operational security.

Finally, staying informed about digital security best practices is essential. Organizations like the Electronic Frontier Foundation (EFF) offer resources and guides to help high-risk users protect themselves online.

Remember, no tool is entirely foolproof, and your choice of communication tool should align with your specific threat model and needs. Regularly reassess your security practices and stay up to date with the latest developments in digital security.
