Security Cryptography Whatever

Threema with Kenny Paterson, Matteo Scarlata and Kien Tuong Truong

Jan 27, 2023

01:03:55

Creator website

Highlights

AI Chapters

Episode notes

I'm Happy That You're Using a Secure Cryptographic Protocol

01:54

Is It a Consequence of the EDE Protocols?

01:41

Encryption - What Does It Mean?

01:33

Introduction

2min

A Bird's-Side View of Our Finding

2min

The Nebuchadas R Matrix Paper

2min

How Three Mo Works?

2min

The First Attack on a TAC1

2min

Authentication of a Diffie-Hellman Ephemeral Key

2min

What's the Impact of the 3MAR Vulnerabilities?

2min

Are They Just Trying to Recreate an Authenticated Key Exchange?

3min

The Second Threat Model Is the Client-Server Protocol, Right?

2min

10.

ATT&CK2 Attack

2min

11.

C2S Cryptography

2min

12.

Encrypting a Message in the Client-to-Server Protocol

2min

13.

3mma

2min

14.

Is PECS7 in Block Cryptography?

2min

15.

Using the API of NACL to Implement a Crypto Protocol?

2min

16.

The Most Complicated Attack on a Paper

2min

17.

Getting to the Truth of 50 Private Keys

2min

18.

Co-Fighter Attacks in NACO

2min

19.

Is This Attack Necessary Given Attack Number One?

1min

20.

Getting Someone to Send an Instant Message That Contain a Public Key

2min

21.

Is It a Consequence of the EDE Protocols?

2min

22.

Is There a Non-Storage Problem?

2min

23.

The Double Ratcheting Attack

2min

24.

Do We Care About Deniability in End-to-End Encrypted Messaging Protocols?

2min

25.

Do We Really Care About DKIM?

2min

26.

I Hate That.

2min

27.

Encryption - What Does It Mean?

2min

28.

How to Leak a Private Key Into a Cloud Backup

2min

29.

The Second Best Attack on the Paper

2min

30.

What Happened to the Front Page?

1min

31.

The Court of Public Opinion Had a Lot to Say About It.

2min

32.

I'm Happy That You're Using a Secure Cryptographic Protocol

2min

33.

Kenny Farrison's Master's Thesis

2min

34.

XYZ, TLS 1.3, and the Future of Cryptographic Protocols?

3min

35.

Security, Cryptography, Whatever

2min

Another day, another ostensibly secure messenger that quails under the gaze of some intrepid cryptographers. This time, it's Threema, and the gaze belongs to Kenny Paterson, Matteo Scarlata, and Kien Tuong Truong from ETH Zurich. Get ready for some stunt cryptography, like 2 Fast 2 Furious stunts.

Transcript:
https://securitycryptographywhatever.com/2023/01/27/threema/

Links:
https://breakingthe3ma.app/
https://threema.ch/press-files/2_documentation/cryptography_whitepaper.pdf
https://threema.ch/en/blog/posts/ibex

"Security Cryptography Whatever" is hosted by Deirdre Connolly (@durumcrustulum), Thomas Ptacek (@tqbf), and David Adrian (@davidcadrian)

Remember Everything You Learn from Podcasts

Save insights instantly, chat with episodes, and build lasting knowledge - all powered by AI.

Get the app