[liberationtech] About Telegram
Ximin Luo
infinity0 at pwned.gg
Wed Apr 2 15:24:54 PDT 2014
On 02/04/14 22:57, Maxim Kammerer wrote:
> On Wed, Apr 2, 2014 at 10:33 PM, Steve Weis <steveweis at gmail.com> wrote:
>> As an epilogue, the Telegram client misused a non-secure random number
>> generator mrand48 for the keys used in their contest. A student, Thijs
>> Alkemade, was able to recover their keys and decrypt the contest
>> message transcripts:
>> https://blog.thijsalkema.de/blog/2014/04/02/breaking-half-of-the-telegram-contest/
>
> Seriously... He took the secret server-side keys published
> post-contest, and recovered the secret chat key (also published) by
> exploiting a randomness bug that has been fixed shortly after the
> context began.
No.
> Moxie had the same randomness problem in his TextSecure code [1]
No.
> — does he also “suck at this”, to quote this student? Or does
> blindly relying on someone else's POS code and primitives suddenly
> absolve one of responsibility for one's own software quality? Because
> that's essentially the spirit that I observe in Telegram's criticism.
>
No.
> [1] https://github.com/WhisperSystems/TextSecure/commit/b14d9d84
>
--
GPG: 4096R/1318EFAC5FBBDBCE
git://github.com/infinity0/pubkeys.git
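As an added illustration of the point Steve raises above (not code from the thread or from Telegram): mrand48() is a 48-bit linear congruential generator whose srand48() seeding sets only 32 bits of state, so any "key" drawn from it is a deterministic function of a small seed. The constructed functions below show that such a key can be regenerated from its seed, which is exactly the property a key generator must not have, and contrast it with bytes taken from the OS CSPRNG via /dev/urandom (names and the 32-byte key size are assumptions).

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

#define KEY_LEN 32  /* assumed key size for the illustration */

/* The flawed approach: a key built from mrand48() output. srand48()
 * loads 32 seed bits (the low 16 state bits are fixed at 0x330E), so
 * the entire key carries at most 32 bits of entropy, whatever its length. */
void weak_key_from_seed(long seed, uint8_t *out, size_t len) {
    srand48(seed);
    for (size_t i = 0; i < len; i++) {
        out[i] = (uint8_t)(mrand48() & 0xff);  /* low byte of each 32-bit output */
    }
}

/* Defender's check: with the same seed the "random" key comes back
 * byte-for-byte identical, i.e. whoever can guess the seed has the key. */
int weak_key_is_reproducible(long seed) {
    uint8_t a[KEY_LEN], b[KEY_LEN];
    weak_key_from_seed(seed, a, sizeof a);
    weak_key_from_seed(seed, b, sizeof b);
    return memcmp(a, b, sizeof a) == 0;
}

/* The corrected approach: read key material from the kernel CSPRNG.
 * Returns 0 on success, -1 if /dev/urandom could not be read in full. */
int strong_key(uint8_t *out, size_t len) {
    FILE *f = fopen("/dev/urandom", "rb");
    if (!f) return -1;
    size_t got = fread(out, 1, len, f);
    fclose(f);
    return got == len ? 0 : -1;
}

/* Two CSPRNG-backed keys are independent: they cannot be "replayed"
 * from any seed, so consecutive draws differ. Returns 1 if they differ. */
int strong_keys_differ(void) {
    uint8_t a[KEY_LEN], b[KEY_LEN];
    if (strong_key(a, sizeof a) != 0 || strong_key(b, sizeof b) != 0) return -1;
    return memcmp(a, b, sizeof a) != 0;
}
```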