{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,5,5]],"date-time":"2026-05-05T07:01:51Z","timestamp":1777964511283,"version":"3.51.4"},"reference-count":47,"publisher":"IEEE","license":[{"start":{"date-parts":[[2022,5,1]],"date-time":"2022-05-01T00:00:00Z","timestamp":1651363200000},"content-version":"stm-asf","delay-in-days":0,"URL":"https:\/\/doi.org\/10.15223\/policy-009"},{"start":{"date-parts":[[2022,5,1]],"date-time":"2022-05-01T00:00:00Z","timestamp":1651363200000},"content-version":"stm-asf","delay-in-days":0,"URL":"https:\/\/doi.org\/10.15223\/policy-001"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2022,5]]},"DOI":"10.1109\/sp46214.2022.9833666","type":"proceedings-article","created":{"date-parts":[[2022,7,27]],"date-time":"2022-07-27T19:28:05Z","timestamp":1658950085000},"page":"87-106","source":"Crossref","is-referenced-by-count":20,"title":["Four Attacks and a Proof for Telegram"],"prefix":"10.1109","author":[{"given":"Martin R.","family":"Albrecht","sequence":"first","affiliation":[{"name":"University of London,Information Security Group, Royal Holloway"}]},{"given":"Lenka","family":"Marekov\u00e1","sequence":"additional","affiliation":[{"name":"University of London,Information Security Group, Royal Holloway"}]},{"given":"Kenneth G.","family":"Paterson","sequence":"additional","affiliation":[{"name":"Applied Cryptography Group, ETH Zurich"}]},{"given":"Igors","family":"Stepanovs","sequence":"additional","affiliation":[{"name":"Applied Cryptography Group, ETH Zurich"}]}],"member":"263","reference":[{"key":"ref13","doi-asserted-by":"publisher","DOI":"10.1007\/11761679_25"},{"key":"ref35","year":"2020","journal-title":"Notice of ignored error message"},{"key":"ref12","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2009.5"},{"key":"ref34","year":"2021","journal-title":"Telegram Desktop – session_private cpp"},{"key":"ref15","author":"jutla","year":"2000","journal-title":"Attack on free-mac sci crypt"},{"key":"ref37","doi-asserted-by":"publisher","DOI":"10.1109\/SFCS.1997.646128"},{"key":"ref14","doi-asserted-by":"publisher","DOI":"10.1109\/MCOM.1978.1089775"},{"key":"ref36","doi-asserted-by":"publisher","DOI":"10.1007\/3-540-39200-9_31"},{"key":"ref31","year":"2021","journal-title":"Telegram Desktop – mtproto_serialized_request cpp"},{"key":"ref30","author":"ludwig","year":"2017","journal-title":"Trudy - Transparent TCP proxy"},{"key":"ref11","year":"2021","journal-title":"tdlib – Transport cpp"},{"key":"ref33","year":"2021","journal-title":"Telegram Android – Datacenter cpp"},{"key":"ref10","year":"2020","journal-title":"tdlib"},{"key":"ref32","year":"2021","journal-title":"Mobile protocol Detailed description – server salt"},{"key":"ref2","doi-asserted-by":"publisher","DOI":"10.14722\/eurousec.2017.23016"},{"key":"ref1","year":"2021","journal-title":"500 million users"},{"key":"ref17","year":"2015","journal-title":"FIPS 180-1 Secure hash standard"},{"key":"ref39","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-540-30556-9_15"},{"key":"ref16","doi-asserted-by":"publisher","DOI":"10.1007\/s00145-011-9106-1"},{"key":"ref38","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-540-25937-4_22"},{"key":"ref19","doi-asserted-by":"publisher","DOI":"10.46586\/tosc.v2017.i1.405-426"},{"key":"ref18","article-title":"SHACAL (-submission to NESSIE-)","author":"handschuh","year":"2000","journal-title":"Proceedings of first open NESSIE workshop"},{"key":"ref24","year":"2021","journal-title":"Mobile protocol Detailed description"},{"key":"ref46","article-title":"Recovering cryptographic keys from partial information, by example","author":"micheli","year":"2020","journal-title":"Cryptology ePrint Archive Report 2006\/150"},{"key":"ref23","first-page":"3","article-title":"Simplifying game-based definitions indistinguishability up to correctness and its application to stateful AE","volume":"10992","author":"rogaway","year":"2018","journal-title":"CRYPTO 2018 Part III ser LNCS"},{"key":"ref45","doi-asserted-by":"publisher","DOI":"10.1007\/BFb0055716"},{"key":"ref26","year":"2020","journal-title":"TL language"},{"key":"ref25","year":"2020","journal-title":"Schema"},{"key":"ref47","article-title":"On Bounded Distance Decoding with predicate: Breaking the \"lattice barrier\" for the Hidden Number Problem","author":"albrecht","year":"2020","journal-title":"Cryptology ePrint Archive Report"},{"key":"ref20","doi-asserted-by":"publisher","DOI":"10.1145\/586110.586112"},{"key":"ref42","year":"2021","journal-title":"Security guidelines for client developers"},{"key":"ref41","year":"2021","journal-title":"Telegram Desktop – session_private cpp"},{"key":"ref22","first-page":"55","article-title":"From stateless to stateful: Generic authentication and authenticated encryption constructions with application to TLS","volume":"9610","author":"boyd","year":"2016","journal-title":"CT-RSA 2016 ser LNCS"},{"key":"ref44","year":"2021","journal-title":"FAQ for the Technically Inclined – length extension attacks"},{"key":"ref21","article-title":"Building secure cryptographic transforms, or how to encrypt and MAC","author":"kohno","year":"2003","journal-title":"Cryptology ePrint Archive"},{"key":"ref43","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2013.42"},{"key":"ref28","year":"2020","journal-title":"MTProto transports"},{"key":"ref27","year":"2018","journal-title":"BoringSSL AES IGE implementation"},{"key":"ref29","year":"2021","journal-title":"Sequence numbers in secret chats"},{"key":"ref8","article-title":"Robust channels: Handling unreliable networks in the record layers of QUIC and DTLS 1.3","author":"fischlin","year":"2020","journal-title":"Cryptology ePrint Archive Report 2020\/718"},{"key":"ref7","doi-asserted-by":"publisher","DOI":"10.5220\/0010549600002998"},{"key":"ref9","year":"2021","journal-title":"End-to-end encryption secret chats – sending a request"},{"key":"ref4","doi-asserted-by":"publisher","DOI":"10.1145\/2994459.2994468"},{"key":"ref3","author":"albrecht","year":"2021","journal-title":"Collective information security in large-scale urban protests the case of Hong Kong"},{"key":"ref6","article-title":"Formal Verification for Real-World Cryptographic Protocols and Implementations","author":"kobeissi","year":"2018","journal-title":"Theses INRIA Paris Ecole Normale Supérieure de Paris - ENS Paris"},{"key":"ref5","doi-asserted-by":"publisher","DOI":"10.1145\/3150376.3150382"},{"key":"ref40","doi-asserted-by":"publisher","DOI":"10.1007\/11836810_7"}],"event":{"name":"2022 IEEE Symposium on Security and Privacy (SP)","location":"San Francisco, CA, USA","start":{"date-parts":[[2022,5,22]]},"end":{"date-parts":[[2022,5,26]]}},"container-title":["2022 IEEE Symposium on Security and Privacy (SP)"],"original-title":[],"link":[{"URL":"http:\/\/xplorestaging.ieee.org\/ielx7\/9833550\/9833558\/09833666.pdf?arnumber=9833666","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2023,11,8]],"date-time":"2023-11-08T23:25:25Z","timestamp":1699485925000},"score":1,"resource":{"primary":{"URL":"https:\/\/ieeexplore.ieee.org\/document\/9833666\/"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2022,5]]},"references-count":47,"URL":"https:\/\/doi.org\/10.1109\/sp46214.2022.9833666","relation":{},"subject":[],"published":{"date-parts":[[2022,5]]}}}