American startup Virgil Security announced the discovery of several vulnerabilities in the new tool personal ID verification Passport Telegram. The analysis presented in the company blog.
Programmers Virgil Security, specializing in solutions in the field of cryptography and end-to-end encryption, praised the decision by Telegram to publish the code, noting that “commitment to openness” allows security professionals to perform services and, “ideally, to help to improve it”.
“Unfortunately, the safety Passport was disappointing in several key aspects,” reads the blog of a startup.
In particular, the head of the security service Virgil Security Alexey Ermishkin, is the author of the study, points out two problems of the new tool: it’s about how data is encrypted and how protected information.
Recall, talking about Telegram Passport, the company Pavel Durov stressed that “identification documents and personal information will be stored in the Telegram cloud using end-to-end” encryption: encrypted information protected with a password known only to the user, implies the lack of internal access to the stored information.
Next — decentralized cloud, promises Telegram. In General, the work identification was one of the ambitious components of the blockchain system, which, according to some, says technical whitepaper ICO company.
It is noteworthy that Telegram has never publicly announced its billionth ICO, and has not confirmed it officially. However, the company could not prevent the leakage of information, and some documents began to get in the media. Then it became clear that the operator of the popular messaging service is going to compete for a place in the sun on the market quite a wide range of services, from file sharing to and secure encryption system for viewing web pages.
In addition, it was found that Telegram is going to integrate it into your messenger payments based on blockchain technology, which is popular in cryptosuite: payments and carried out in parallel to verify the information ID is a great application. In addition, removing redundant link services, digital identity, such as Equifax (approx. American Bureau of credit stories), storing the data in a rather vulnerable centralized databases, for a long time is a common goal of the crypto community, and it could be a decent start for Telegram.
However, from the point of view of programmers Virgil Security, command Telegram should go back to the basics: startup draws user attention to the way in which Passport Telegram encrypted passwords. So for password hashing uses SHA-512.
“Now 2018, and one high-level graphics processing unit (GPU) can sort out approximately 1.5 billion hashes SHA-512 per second,” writes the startup team.
In the presence of “a small farm for mining cryptocurrency”, consisting of 10 computers “all possible combinations of 8-character password from a 94-character dictionary” will be checked “less than 5 days”. A strong password will cost the attackers at most $135 (is this the average cost of electricity in the U.S.), and light — at only $5.
On the other hand, Virgil acknowledges the Security: before the attacker can start the attack, you will need to obtain key information.
“In order to gain access to the password hashes, the attack must be internal to the Telegram. The ways in which they can turn to a variety — the insider threat, phishing, one neprolongirovannogo flash drive and so on,” notes cofounder Virgil Security Dmitry Dain.
Thus, if many users begin to use the tool and load your data it will make the company a very attractive target.
However, Telegram has long been criticized for their own decisions in the field of cryptography — the company decided not to rely on the recommended standards. One more nuance, which, according to Virgil Security, should alert users to the fact that the data is loaded in the Telegram Passport without a signature.
When the data have a cryptographic signature (an integral part of the architecture of the blockchain in the broad sense), to quickly confirm that they were loaded exactly the person that this was said, and has not been changed, is not difficult.
Without the cryptographic signature modify a certain part of the data is possible, and nobody will know about it.
“Now, when people see “protected by end-to-end encryption”, they are confident that their data will be safe way be forwarded to third parties without the fear that they will be decrypted or tampered with. Unfortunately, the confidence of the users of Passport will be deceptive,” writes the Security team Virgil.
Representatives of the Telegram have not yet given their comments.
comments powered by HyperComments