• @woelkchen
    link
    English
    34 months ago

    nobody actually knows if it’s worth a damn.

    After all these years, security researchers still don’t know if the encryption is any good?

    • @HarriPotero
      link
      English
      114 months ago

      On that level it usually falls on computer scientists. Formal methods can prove that any implementation is correct, but proving the absence of unintended attacks is a lot harder.

      Needham-Schroeder comes to mind as an example from back when I was studying the things.

      • @woelkchen
        link
        English
        -14 months ago

        On that level it usually falls on computer scientists.

        And not a single one has been able to analyze the encryption in all these years? Fact is, Telegram is the tool the Russian opposition and even Ukrainians use to communicate without Putin being able to infiltrate.

        • @HarriPotero
          link
          English
          2
          edit-2
          4 months ago

          No. It kind of falls on Dijkstra’s old statement. “Testing can only prove the presence, not absence of bugs.”

          You can prove logical correctness of code, but an abstract thing such as “is there an unknown weakness” is a bit harder to prove. The tricky part is coming up with the correct constraints to prove.

          Security researchers tend to be on the testing side of things.

          A notable example is how DES got its mixers changed between proposal and standardisation. The belief at the time was that the new mixers had some unknown backdoor for the NSA. AFAIK, it has never been proven.