Revision 26b36efa-c74c-45a5-bc26-033fed690c91 - Information Security Stack Exchange

I'd like to ignore the comparison to WhatsApp because WhatsApp does not advertise itself as a "secure" messaging option. I'd like to instead focus on whether Telegram is secure.

Telegram's security is built around their home spun [MTProto][1] protocol. We all know that the first rule of Cryptography is [Don't Roll Your Own Crypto][2]. *Especially* if you aren't trained cryptographers. Which the Telegram people most certainly aren't.

> The team behind Telegram, led by Nikolai Durov, consists of six ACM champions, half of them Ph.Ds in math. It took them about two years to roll out the current version of MTProto. Names and degrees may indeed not mean as much in some fields as they do in others, but this protocol is the result of thougtful and prolonged work of professionals.

Source: https://news.ycombinator.com/item?id=6916860

Math Ph.Ds are **not** cryptographers. The protocol they invented is flawed. [Here][3] is a nice blog post explaining why. In addition to that, Telegram has issued a rather ridiculous challenge offering a reward to anyone who can break the protocol. Except that the terms they set makes even the most ridiculously weak protocol difficult to break. Moxie Marlinspike has a nice [blog post][4] explaining why the challenge is ridiculous.

So, no. Telegram is by no means secure. For commonly accepted definitions of secure, not the one Telegram made up.

If you want a *real* secure means of communication on your phone, look to more reputable projects such as [Open WhisperSystems][5] or the rather well known [Cryptocat][6].

**UPDATE**

 - 09 January 2015: A new [2^64 attack][7] On Telegram has been
 announced. 
 - 12 December 2015: A [new paper][8] demonstrating that
 MTProto is not IND-CCA secure.

 [1]: https://core.telegram.org/mtproto
 [2]: http://security.stackexchange.com/q/25585/10211
 [3]: http://unhandledexpression.com/2013/12/17/telegram-stand-back-we-know-maths/
 [4]: http://thoughtcrime.org/blog/telegram-crypto-challenge/
 [5]: https://whispersystems.org/
 [6]: https://crypto.cat/
 [7]: http://www.alexrad.me/discourse/a-264-attack-on-telegram-and-why-a-super-villain-doesnt-need-it-to-read-your-telegram-chats.html
 [8]: https://eprint.iacr.org/2015/1177.pdf