Telegram has several design issues influencing it’s overall security and privacy. It is not recommended for users requiring secure communications and people who want to preserve their privacy. For those users better and free alternatives exists. One of recommended secure messengers is application Signal. There is no need to use the Telegram when there are more secure alternatives with similar features.
Encryption
Telegram does not use end-to-end encryption, but only the transport-level encryption, which means that Telegram creators can see all user’s messages at any time. They also store all user’s data and messages on their servers.
Regarding the implementation of encryption of the communications, two concepts apply. One is to use encryption at the data transfer level where the message is encrypted only during transfers between different servers (but not on the servers). In this case data at the target server is decrypted and then stored on a server or forwarded to another server (in that case it could be re-encrypted, but with different key).
The second concept is encrypting the entire communication path. This concept is also known as end-to-end encryption (E2E). Here, an encrypted session is established between each endpoint (e.g., two communication terminals), which means that communications are encrypted along the entire communication path from device A to device B. Therefore, communications cannot be eavesdropped by the network infrastructure provider or by the communications service provider (however, it could be intercepted at the source or target endpoint, but this is also true when using transport-level encryption).
Telegram is by default a cloud database with a copy of every message everyone has ever sent (including photo, video and other types of documents). This database also contains all contacts and group memberships of a user. This can be easily checked by uninstalling Telegram from a mobile phone and installing it on the other mobile device – Telegram will sync all your contacts and messages to the new device without asking for any password. Messages and contacts could be removed from Telegram’s server only if user deletes his or her account through https://my.telegram.org/auth?to=delete.
By default, Telegram does not use end-to-end encryption. However, they are advertising they are offering end-to-end encryption, but only because they have a feature called Secret Chat that end-to-end encrypts sent messages. However, this feature must be manually enabled by users and this is inconvenient to use. Telegram also states on their site that Telegram secret chats are device-specific – if user starts a secret chat with a friend on one of his/her devices, this chat will only be available on that device. If user logs out, he/she will lose all the secret chats.
For encryption, Telegram uses proprietary encryption protocol known as MTProto. This encryption protocol has been developed by Telegram.
MTProto has been analyzed by some security experts, and several weaknesses have been found.
Jakob Bjerre Jakobsen from Aarhus Univesity performed a cryptanalysis of the Telegram messaging protocol in 2015 for his master’s thesis and found two smaller attacks on the underlying encryption scheme. He concluded that well-studied, provably secure encryption schemes that achieve strong definitions of security are to be preferred to home-brewed encryption schemes. Computer scientists from from ETH Zurich and Royal Holloway, University of London made a security review of MTProto in June 2021. ETH Zurich professor Kenny Paterson commented that encryption services “could be done better, more securely, and in a more trustworthy manner with a standard approach to cryptography”.
It is true, that weaknesses were not very serious, and Telegram also responded quickly and fixed those vulnerabilities almost immedi
