Which encryption is better: Signal or Telegram?

A couple of days ago, Elon Musk on Twitter recommended using the Signal messenger , not without consequences .





However, in December 2020, news spread through the media that the well-known hacker company Cellebrite had broken the encryption of this crypto messenger.



And Habr's readers for secret correspondence prefer not Signal at all, but secret Telegram chats (at least from those who took part in our survey ).



First, I must say about the "hacking" of Signal encryption. In fact, it turned out that the scientist, out of habit, raped the journalist. Not only did Cellebrite fail to crack the encryption, but it never said so, and the whole hype came from an article on the BBC website with a clickbait headline , because the journalists misunderstood the essence of the Cellebrite article.



Cellebrite is probably qualified. Their equipment and software are used in forensics, specifically to extract the contents of confiscated smartphones by law enforcement agencies around the world (see the company's leaked customer base ).



But in this case, Cellebrite disgraced herself a little - and has by now deleted the article., or rather, reduced it to a squeeze without technical details under a different heading (although at first a 404 error was actually issued at this address). In order not to provoke such hypes.



True, the article itself was a little pretentious and funny. Loud headline. And there are such pearls:



:



[...] , , . Signal . , .



[...] , . . “pref_attachment_encrypted_secret”, “data” “iv”.


That is, the experts proudly talked about their achievements, but laughed at them. The conversion into a text file of the message history from the dump was given under the heading "Breaking the code", and they described the simplest things with such pathos that it looks like satire. Well, then the story was misinterpreted in the media, which did not understand at all what it was about.



In fact, the Signal open source messenger is still considered one of the most secure. Its protocol has passed a security audit . Program author Moxie Marlinspike compares"Hacking" Cellebrite, as if you took a jailbroken phone and launched any application in it - and thus allegedly hacked an encrypted system. Or if a person who has a key and a lock at his disposal would be considered a lockbreaker.



No one doubts the security and safety of the Signal protocol. The completely open source code of all clients only adds to the reliability of the entire system.



Well, what about the MTProto 2.0 protocol in Telegram? Here is a description of the part that is used for end-to-end encryption, that is, for secret chats. Separate scientific teams analyzed the security layer of the first version of MTProto, and there the results were extremely disappointing , or rather disastrous. Many serious errors have been identified. Of course, the Telegram developers have fixed these flaws in the second version. For example, they switched from SHA-1 to SHA-256 and so on. The circuit looks nice.







But the second version has not yet been tested by any of the independent cryptographers and scientific institutions, as far as we know.



Therefore, from the point of view of the quality and reliability of encryption, the choice remains in favor of Signal. It looks like Elon is right.



All Articles