NEW EPISODE! We finally have an excuse to tear down Telegram! Their CEO got arrested by the French, apparently not because the cryptography in Telegram is bad, but special guest Matt Green joined us to talk about how the cryptography is bad anyway! youtu.be/OSGOQms2JFI
YouTube video by Security Cryptography Whatever
Our model only covers the symmetric part. We describe the key exchange as a flow diagram but we didn't model it (we only broke): mtpsym.github.io The question under what assumptions (if any) MTProto's key exchange achieves which security guarantees is still open.
I struggle to see where the claim that Telegram isn't open source comes from? telegram.org/apps#source-... If memory serves, we recompiled and ran this source code to verify some behaviour we saw in the code.