[liberationtech] About Telegram

[Maxim Kammerer]

On Fri, Feb 21, 2014 at 12:24 AM, Tony Arcieri <bascule at gmail.com> wrote:
> That would be shifting the burden of proof. The goal of a well-designed
> cryptosystem should be to demonstrate why attacks aren't possible. Just
> because I personally can't demonstrate a particular attack against this
> system is not a measure of its security.

It is, since there are automatic tools which will show you attack
scenarios after you encode the communication protocol. You called the
contest a farce and the product a snake oil based on what, inadequate
threat modeling in a contest where the backer indicated willingness to
adapt the contest to more advanced threat models? Ignore the contest,
then.

> Can you demonstrate a practical attack Moxie's obviously broken cryptosystem
> described in his blog post? If you can't, does that mean it's secure?

I didn't write “a practical attack”, I wrote “describe an attack” —
you are substituting terms in order to support your point.

> Even experts make mistakes, and Telegram's developers are clearly not
> experts as they seem to have ignored all of the developments that have
> occurred in the past 20 years (or more) in cryptography, most notably
> authenticated encryption.

Maybe, so what? The limitations are outlines in the FAQ — the product
is clearly not a snake oil.

-- 
Maxim Kammerer
Liberté Linux: http://dee.su/liberte