You have a complaint about the following posting:
To everyone who tripped over my remark that Telegram is supposedly not secure: http://www.cryptofails.com/post/70546720222/telegrams-cryptanalysis-contest This describes when encryption is secure and why you should not trust it.

Telegram's design seems to disregard all of the important crypto research from the past two decades. Some problems are immediately apparent:

* They use the broken SHA1 hash function.
* They include a hash of the plaintext message in the ciphertext. Essentially, they are trying to do "Mac and Encrypt" which is not secure. They should be doing "Encrypt then Mac" with HMAC-SHA512.
* They rely on an obscure cipher mode called "Infinite Garble Extension."
* Some really weird stuff about factoring 64-bit integers as part of the protocol.
* They do not authenticate public keys.

If their protocol is secure, it is so by accident, not because of good design. "They basically made up a protocol," Matthew Green, a professor of cryptography at Johns ...
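The "Mac and Encrypt" versus "Encrypt then Mac" point in the quoted post is easiest to see in code. The following is an added example and is not code from the post, from cryptofails.com or from Telegram. It contrasts two receivers: one that verifies an HMAC-SHA512 tag over the ciphertext before decrypting anything, and one that embeds an unkeyed SHA-1 hash of the plaintext inside the encrypted body and so must decrypt untrusted bytes before it can check anything. To stay standard-library only, the cipher is a toy keystream derived from HMAC-SHA512 in counter mode (in practice you would use AES-CTR or an AEAD mode); the key-derivation labels, nonce and tag sizes, and wire layout are assumptions of this example.

```python
import hashlib
import hmac
import os
import struct

# Added example, not code from the post, cryptofails.com or Telegram.
# Toy keystream (HMAC-SHA512 in counter mode) stands in for a real cipher.
NONCE_LEN = 16
TAG_LEN = 64          # HMAC-SHA512 digest size
SHA1_LEN = 20

# Counts decryptor invocations, to show WHEN each scheme touches untrusted input.
STATS = {"keystream_calls": 0}


def _keystream(enc_key: bytes, nonce: bytes, length: int) -> bytes:
    """Toy PRF stream: concatenated HMAC-SHA512(enc_key, nonce || counter) blocks."""
    STATS["keystream_calls"] += 1
    out, counter = bytearray(), 0
    while len(out) < length:
        out += hmac.new(enc_key, nonce + struct.pack(">Q", counter), hashlib.sha512).digest()
        counter += 1
    return bytes(out[:length])


def _xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


def derive_keys(master_key: bytes):
    """Independent encryption and MAC keys (derivation labels are assumed here)."""
    enc_key = hmac.new(master_key, b"encryption", hashlib.sha512).digest()
    mac_key = hmac.new(master_key, b"authentication", hashlib.sha512).digest()
    return enc_key, mac_key


def seal_etm(master_key: bytes, plaintext: bytes) -> bytes:
    """Encrypt-then-MAC: tag = HMAC-SHA512(mac_key, nonce || ciphertext)."""
    enc_key, mac_key = derive_keys(master_key)
    nonce = os.urandom(NONCE_LEN)
    ciphertext = _xor(plaintext, _keystream(enc_key, nonce, len(plaintext)))
    tag = hmac.new(mac_key, nonce + ciphertext, hashlib.sha512).digest()
    return nonce + ciphertext + tag


def open_etm(master_key: bytes, message: bytes) -> bytes:
    """Verify first; the decryptor never runs on unauthenticated bytes."""
    if len(message) < NONCE_LEN + TAG_LEN:
        raise ValueError("message too short")
    enc_key, mac_key = derive_keys(master_key)
    nonce, ciphertext, tag = message[:NONCE_LEN], message[NONCE_LEN:-TAG_LEN], message[-TAG_LEN:]
    expected = hmac.new(mac_key, nonce + ciphertext, hashlib.sha512).digest()
    if not hmac.compare_digest(tag, expected):       # constant-time comparison
        raise ValueError("authentication failed")
    return _xor(ciphertext, _keystream(enc_key, nonce, len(ciphertext)))


def seal_mae(master_key: bytes, plaintext: bytes) -> bytes:
    """The pattern the post criticises: an unkeyed hash of the plaintext is
    placed inside the encrypted body instead of a MAC over the ciphertext."""
    enc_key, _ = derive_keys(master_key)
    nonce = os.urandom(NONCE_LEN)
    body = hashlib.sha1(plaintext).digest() + plaintext
    return nonce + _xor(body, _keystream(enc_key, nonce, len(body)))


def open_mae(master_key: bytes, message: bytes) -> bytes:
    """Must decrypt untrusted input before any integrity check is possible."""
    enc_key, _ = derive_keys(master_key)
    nonce, ciphertext = message[:NONCE_LEN], message[NONCE_LEN:]
    body = _xor(ciphertext, _keystream(enc_key, nonce, len(ciphertext)))
    digest, plaintext = body[:SHA1_LEN], body[SHA1_LEN:]
    if not hmac.compare_digest(digest, hashlib.sha1(plaintext).digest()):
        raise ValueError("plaintext hash mismatch, noticed only after decrypting")
    return plaintext


def _flip_bit(message: bytes, index: int) -> bytes:
    m = bytearray(message)
    m[index] ^= 0x01
    return bytes(m)


def demo(master_key: bytes = None, plaintext: bytes = b"constructed sample message") -> dict:
    """Round-trip both schemes, then hand each a corrupted message and record
    whether the decryptor ran before the corruption was detected."""
    master_key = master_key or os.urandom(32)
    results = {}
    sealed = seal_etm(master_key, plaintext)
    results["etm_roundtrip"] = open_etm(master_key, sealed) == plaintext
    before = STATS["keystream_calls"]
    try:
        open_etm(master_key, _flip_bit(sealed, NONCE_LEN))        # first ciphertext byte
        results["etm_rejected"] = False
    except ValueError:
        results["etm_rejected"] = True
    results["etm_decrypted_bad_input"] = STATS["keystream_calls"] != before

    sealed = seal_mae(master_key, plaintext)
    results["mae_roundtrip"] = open_mae(master_key, sealed) == plaintext
    before = STATS["keystream_calls"]
    try:
        open_mae(master_key, _flip_bit(sealed, NONCE_LEN + SHA1_LEN))  # first plaintext byte
        results["mae_rejected"] = False
    except ValueError:
        results["mae_rejected"] = True
    results["mae_decrypted_bad_input"] = STATS["keystream_calls"] != before
    return results


if __name__ == "__main__":
    for name, value in demo().items():
        print(f"{name}: {value}")
```

Both receivers reject the corrupted message, but only the Encrypt-then-MAC receiver does so without ever running the decryptor on attacker-controlled bytes (`etm_decrypted_bad_input` is False, `mae_decrypted_bad_input` is True). That ordering, plus the keyed tag covering the ciphertext rather than an unkeyed hash covering the plaintext, is what the post means by "Encrypt then Mac".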
Describe your complaint (Optional):