triggered by Thomas Ptacek's tweet, who said that Telegram stores messages on their servers in plaintext:
By default Telegram stores the PLAINTEXT of EVERY MESSAGE every user has ever sent or received on THEIR SERVER.— Thomas H. Ptacek (@tqbf) December 19, 2015
How Telegram's cloud security actually works
In Telegram there are two kinds of chats, the cloud chat ("default" chat or group chat) and the secret chat.
Messages of cloud chats are client-server encrypted with MTProto, an open source mobile protocol which Telegram developed on their own.
This means that messages are being encrypted before sending them to Telegram's servers. Even if the message is being stored encrypted, the server has the capability of decrypting the message and read it as "plaintext", as Snowden states out:
To be clear, what matters is that the plaintext of messages is *accessible* to the server (or service provider), not whether it's "stored."— Edward Snowden (@Snowden) December 19, 2015
This is necessary though to make messages accessible on devices across different platforms such as Telegram's mobile messenger or Telegram's Desktop app. Telegram is a cloud service which stores messages, photos and other files on their servers, so that users can access their data from any of their devices. Anytime.
While messages could theoretically decrypted by Telegram's server, Telegram ensures to store all data encrypted and store the encryption keys in several other data centers in different jurisdictions.
This way local engineers or physical intruders cannot get access to user data, as Pavel Durov, Founder of Telegram, also pointed out:
Secret chats ensure end-to-end encryption
For more paranoid users, Telegram offers their secret chat (also based on MTProto) which are end-to-end encrypted and the encryption keys are solely hold by the secret chat's participants.
Therefore, if you start a secret chat, it's only available on the device where you started the chat and it's not synced across your other connected devices. Furthermore it requires both users to be online at the same time.
These messages don't leave a trace on Telegram's servers and if a message is being deleted, the app on the other side of the secret chat will be ordered to delete it as well. Alternatively, a self-destruct timer can be set for all messages, photos and other files.
Conclusion: Security comes at the price of convenience
I really like the possibility to choose on my own whether I want chats synced across devices or have them end-to-end encrypted on only one device.
- Snowden doubts Security of Telegram, RT.com (December 2015)
- Telegram gains 1.5m new users after WhatsApp ban in Brazil, orat.io Blog (December 2015)
- Telegram FAQ – Security
- Telegram FAQ - Secret Chats