On cryptographic security of end-to-end encrypted connections in WhatsApp and Telegram messengers

On cryptographic security of end-to-end encrypted connections in WhatsApp and Telegram messengers

The aim of this work is to analyze the available possibilities for improving secure messaging with end-to-end connections under conditions of external violator actions and distrusted service provider. We made a comparative analysis of cryptographic security mechanisms for two widely used messengers:...

Full description

Bibliographic Details
Main Authors: Sergey V. Zapechnikov, Polina O. Kozhukhova
Format: Article
Language:English
Published: Moscow Engineering Physics Institute 2017-11-01
Series:Bezopasnostʹ Informacionnyh Tehnologij
Subjects:
cryptography
end-to-end connection
encryption
WhatsApp
Telegram
Online Access:https://bit.mephi.ru/index.php/bit/article/view/275
Description
Summary:The aim of this work is to analyze the available possibilities for improving secure messaging with end-to-end connections under conditions of external violator actions and distrusted service provider. We made a comparative analysis of cryptographic security mechanisms for two widely used messengers: Telegram and WhatsApp. It was found that Telegram is based on MTProto protocol, while WhatsApp is based on the alternative Signal protocol. We examine the specific features of messengers implementation associated with random number generation on the most popular Android mobile platform. It was shown that Signal has better security properties. It is used in several other popular messengers such as TextSecure, RedPhone, GoogleAllo, FacebookMessenger, Signal along with WhatsApp. A number of possible attacks on both messengers were analyzed in details. In particular, we demonstrate that the metadata are poorly protected in both messengers. Metadata security may be one of the goals for further studies.
ISSN:2074-7128
2074-7136

Similar Items