
A newly published technical review of Telegram’s MTProto protocol warns that the messaging platform exposes persistent device identifiers to passive network observers, potentially allowing users to be tracked across networks, locations, and sessions without breaking Telegram’s encryption.
The researchers say the issue remains unresolved because Telegram still does not mandate transport-layer encryption for MTProto traffic.
The 89-page paper was authored by cryptographer Dr. Nadim Kobeissi of Symbolic Software and commissioned for Global Network Solutions, Inc. The report entered the spotlight this week after iStories and OCCRP reported on the findings, prompting the company behind the audit to publish the full document.
The research focuses on MTProto’s auth_key_id, a 64-bit identifier embedded in every Telegram message header. According to the report, the identifier remains stable across app restarts, IP address changes, VPN use, and network switches, allowing anyone capable of passively monitoring traffic between users and Telegram servers to potentially correlate activity over long periods.
Telegram clients on Android and desktop platforms transmit MTProto traffic over raw TCP connections instead of HTTPS or TLS-encrypted channels, even when using port 443, which is normally associated with secure web traffic. Packet captures reportedly showed no TLS handshake or certificate exchange, meaning the transport layer itself remains unencrypted.
That allows internet service providers, enterprise network administrators, hotel Wi-Fi operators, mobile carriers, and state surveillance systems to potentially observe the persistent auth_key_id without decrypting message contents.
Privacy researcher Lukasz Olejnik amplified the findings on X, warning users not to rely on Telegram for sensitive communications.
The report also states that Telegram’s Secret Chats and Perfect Forward Secrecy protections do not mitigate this issue because the exposure occurs below the application encryption layer. While Secret Chats protect message contents with end-to-end encryption, the transport metadata, including auth_key_id, remains visible to passive observers when MTProto is sent over unencrypted TCP connections.
To validate the findings, researchers reviewed Telegram’s MTProto documentation, replicated earlier independent research, and conducted packet captures and traffic analysis on Telegram for Android and Telegram Desktop on macOS. The researchers said they were able to extract auth_key_id values from captured traffic using Telegram’s publicly documented obfuscation scheme, which they described as trivial to reverse.
The researchers propose a fix that requires TLS encryption for all MTProto connections and removes unencrypted TCP fallbacks entirely. Until the issue is fixed, Telegram users remain vulnerable to metadata-based tracking, no matter what their settings are or which client version or platform they use.
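The condition the report describes, port 443 flows that never open with a TLS handshake, can be checked on a network owner's own captures. The following is an added example, not code from the report or from Telegram: it inspects only the first client-to-server bytes of a flow, and the function names and sample flows are constructed for illustration.

```python
import struct

TLS_HANDSHAKE, CLIENT_HELLO = 0x16, 0x01
MAX_RECORD_LEN = 2 ** 14  # TLS plaintext record size limit


def classify_first_bytes(payload: bytes) -> str:
    """Classify the first client-to-server bytes of a TCP flow."""
    if len(payload) < 11:
        return "too-short"
    ctype, major, minor, rec_len = struct.unpack("!BBBH", payload[:5])
    if ctype != TLS_HANDSHAKE or major != 3 or minor > 4:
        return "not-tls"
    if not 0 < rec_len <= MAX_RECORD_LEN:
        return "not-tls"
    hs_type = payload[5]
    hs_len = int.from_bytes(payload[6:9], "big")
    # A ClientHello carries at least version (2) + random (32) bytes and is
    # the only handshake message in the client's first record.
    if hs_type != CLIENT_HELLO or hs_len < 34 or hs_len + 4 < rec_len:
        return "not-tls"
    if payload[9] != 3:  # major byte of the ClientHello legacy_version
        return "not-tls"
    return "tls-client-hello"


def non_tls_on_443(flows):
    """Return ids of port-443 flows whose opening bytes are not a ClientHello."""
    return [fid for fid, port, first in flows
            if port == 443 and classify_first_bytes(first) != "tls-client-hello"]


def constructed_client_hello() -> bytes:
    """Build a minimal, constructed ClientHello record for the demo."""
    body = (b"\x03\x03" + bytes(32) + b"\x00" + b"\x00\x02\x13\x01"
            + b"\x01\x00" + b"\x00\x00")
    handshake = bytes([CLIENT_HELLO]) + len(body).to_bytes(3, "big") + body
    return b"\x16\x03\x01" + len(handshake).to_bytes(2, "big") + handshake


# Constructed sample flows: (flow id, destination port, first payload bytes).
SAMPLE_FLOWS = [
    ("flow-a", 443, constructed_client_hello()),
    ("flow-b", 443, bytes(range(0xA0, 0xE0))),  # opaque bytes, no TLS framing
    ("flow-c", 80, b"GET / HTTP/1.1\r\n"),      # not port 443, ignored
]

if __name__ == "__main__":
    print(non_tls_on_443(SAMPLE_FLOWS))
```

A flow that passes this check has only been shown to start with TLS record framing; it says nothing about what follows the handshake.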
CyberInsider has reached out to Telegram for comment on Symbolic Software’s audit report, but we had not received a response by the time of publication.






