Weird flex, but okay
Our model only covers the symmetric part. We describe the key exchange as a flow diagram but we didn't model it (we only broke): mtpsym.github.io. The question under what assumptions (if any) MTProto's key exchange achieves which security guarantees is still open.
I struggle to see where the claim that Telegram isn't open source comes from? telegram.org/apps#source-... If memory serves, we recompiled and ran this source code to verify some behaviour we saw in the code.
yeah yeah yeah, the author has a thing for steganography, but there's so much gold in this book, especially Chapter 4. If you take my "advanced topics in cryptography" module in autumn, you'll hear about it.
Also: "I sincerely thank Hongxun Wu and (independently) Thomas Vidick for finding the bug today."
I really wanted to write this up, also as a public apology!
Maybe this part of the article will be a useful reference point for people when writing their next rebuttal about a “Crypto in the Wild” paper. We certainly want to encourage researchers to keep going in this direction.
And we address the question: Is this science? We think the answer is a hard “yes”, if science is about gaining a deeper understanding of the world around us.
We also talk about the responsibilities of researchers - as we see them: to whom we owe them, and what they are. (Sneak preview: we don’t think our responsibilities are mainly towards vendors.)