Search Mailing List Archives


Limit search to: Subject & Body Subject Author
Sort by: Reverse Sort
Limit to: All This Week Last Week This Month Last Month
Select Date Range     through    

[liberationtech] About Telegram

Maxim Kammerer mk at dee.su
Wed Apr 2 14:57:48 PDT 2014


On Wed, Apr 2, 2014 at 10:33 PM, Steve Weis <steveweis at gmail.com> wrote:
> As an epilogue, the Telegram client misused a non-secure random number
> generator mrand48 for the keys used in their contest. A student, Thijs
> Alkemade, was able to recover their keys and decrypt the contest
> message transcripts:
> https://blog.thijsalkema.de/blog/2014/04/02/breaking-half-of-the-telegram-contest/

Seriously... He took the secret server-side keys published
post-contest, and recovered the secret chat key (also published) by
exploiting a randomness bug that has been fixed shortly after the
context began. Moxie had the same randomness problem in his TextSecure
code [1] — does he also “suck at this”, to quote this student? Or does
blindly relying on someone else's POS code and primitives suddenly
absolve one of responsibility for one's own software quality? Because
that's essentially the spirit that I observe in Telegram's criticism.

[1] https://github.com/WhisperSystems/TextSecure/commit/b14d9d84

-- 
Maxim Kammerer
Liberté Linux: http://dee.su/liberte



More information about the liberationtech mailing list