A modified secure version of the Telegram protocol (MTProto)

Abstract

The advent of mobile phones and the spread of the internet have caused a substantial increase in the utilization of these technologies for personal communication. A wide range of mobile applications exist, most of which use their own proprietary protocol. Reports of snooping attacks have prompted the parent organizations and users to guarantee that the encrypted data sent over a public network is decrypted only by the intended recipient. Smart phone operating systems provide GPS data to these applications so that users can tag photos with this information. As these applications mostly run a daemon or service in the background to automatically receive messages, an unattended switched on location service coupled with a weak protocol leaves the user highly vulnerable of being tracked by eavesdroppers. These applications are known to, by observing their behaviour, upload the user's contact list to the server so as identify those contacts using the same application. These are but just two important data that need to be protected by tough security measures during transit. Any loop hole in security protocols will leave the user vulnerable to attacks, even outside the digital world. Online chat protocols such as the Telegram protocol ensure end-to-end security of data. Although the protocol itself has been explained in much detail by the designers, this protocol is disfavored because of its performance drawbacks and its susceptibility to man-in-the-middle attacks. In this paper, we modify the Telegram protocol in an attempt to make it more efficient and secure.