|
|
|
|
|
|
by SideburnsOfDoom
4048 days ago
|
|
|
I'm looking at this: https://core.telegram.org/techfaq#q-why-are-you-mostly-relyi... While there seem to be "home made" elements, these are in how they are combining well-known cryptosystems. So there may well be flaws in how they put it together or in the implementation, it doesn't appear to be a classic case of "home made" snake oil encryption. Also, it seems to be public, not the usual "trade secret" of snake oil. |
|
|
Block ciphers are used in a selection of modes and when combined into a protocol with integrity and authentication catered for, we have a cryptosystem.
Constructing these is hard, even with well-known algorithms, and is the source of many sneaky attack vectors. The fact that they have effectively invented their own mode is suspect, and the cryptosystem as a whole is not really well-validated either.
Their "$300,000 if you break it" contest is seen as a trust-gimmick as it provides no cryptographical or mathematical guarantees, it simply shows that nobody has yet broken it for whom 300k is more important than access to the data.