Telegram keeps talking about how private and secure it is, but all group and private chats are not encrypted by default. Its end to end encrypted chats are very limited (only direct messages and only on one device) and rely on self-baked crypto. Their voice chat is also almost definitely not end to end encrypted, as I'm not aware of a way to do e2ee voice chat with many participants without linearly increasing bandwidth requirements for users
I wonder if it’s possible to do in the same way WhatsApp does for media uploads.
When you send a video to a contact on WhatsApp, it takes some time to upload the video. When you then forward the video a few minutes later, it’s near instant. This set off red flags for me, as that can’t be E2EE if so.
Someone explained that the media is encrypted using one key, which is stored locally. The key is then encrypted and transmitted to the recipient using the clients public key. When you forward the media, you only need to send the second recipient the encrypted key using their pubkey (along with the identifier for the media that is still present in WhatsApp server side cache).
This in itself raises some more red flags relating to the encryption of the media being transmitted and cached in the first place, but if that’s all done sensibly, then this isn’t the worst solution to reduce bandwidth utilisation by end users.
A similar approach could be used for E2EE group calls. Encrypt the payload using one key, send the payload to all participants via a central server (which generally has to happen anyway due to NAT traversal issues, especially with mobile internet), and send each participant the keys individually. Voila, group call with 3 people or 30 people doesn’t result in having to retransmit the same audio payload multiple times.
Obviously this is a simplistic overview of how this could work. I am not a cryptographer, I have no expertise in this area, everything above could be total baloney. Anyone with expertise should absolutely correct me please and thank you.
All that said, hope this helps.
EDIT: changed the above to reflect that forwarding media is “near instant” rather than “instant”
Thanks, I’ve edited the comment to better reflect that it’s near instant rather than actually instant.
I’ve done a packet capture to verify that my phone is not uploading the entire payload a second time when forwarding media I’ve recently uploaded or received, which is what compounded my original concern.
I always wondered why Telegram gets criticism for their boring cryto based on well respected algorithms while Signal gets hardly any criticism for their crypto based on unique concepts.
> I'm not aware of a way to do e2ee voice chat with many participants without linearly increasing bandwidth requirements for users
This can be almost trivially extended from one-to-one end-to-end encrypted text chats: One peer picks a random symmetric key and forwards it to all participants over the existing encrypted and authenticated channel.
Afterwards, you can just use the most appropriate way of relaying encrypted voice data: Full mesh peer to peer, one party acting as relay for everybody else, using an SFU that relays incoming data from one peer to all others (without being able to decrypt it)...
I found it interesting that direct calls (just calling one of your contacts) can be peer-to-peer if you enable it in the settings. They even have a unique code at the top of the screen (like 5 emojis) that you can verify match on the other participant's phone.
By default, it's as good (or as bad) as email with secure transport. "Secret chats" are end-to-end encrypted, but it supports only one-to-one conversations. There is no group secret chat feature. Voice chat also being a group feature, would have the same transport level encryption as the default chats, I suppose.
Big-time Telegram user for usability reasons, but their encryption is a joke. "Server-client encryption" whose server anyway, the NSA's? It might as well be.
Since it is a group thing it would likely only be encrypted to the server. Telegram only does end to end encryption for "Secret Chats" which is a different mode.