by upofadown
1159 days ago
As mentioned in the linked article, E2EE group chats are more or less impractical due to the identity verification problem. This initiative is intended to help with that. I will also point out that large group chats are impractical due to the simple fact that not everyone will know everyone else. So someone can just leak the messages. The Telegram method of dealing with this is obviously not the only way, but it is a legitimate way.

> Not to mention that even when chats are e2e encrypted, they are encrypted using their proprietary algorithm?

The algorithm is public. It is a straightforward application of well known primitives. It is hardly proprietary.
Note that its predecessor was very much not that (e.g. https://words.filippo.io/dispatches/telegram-ecdh/ was a vulnerability in it, and it stuck to some weird choices of crypto primitives/key sizes for a pretty long time). This colors my expectations about the current version slightly.

I personally know nothing about the current protocol used (mtproto 2.0), and a few minutes of googling surfaced https://eprint.iacr.org/2022/595.pdf, https://eprint.iacr.org/2023/469 and https://arxiv.org/abs/2012.03141, which I'd need to read in a reasonable amount of detail to have an opinion on mtproto 2.0.