**Last edit**

Summary: This reads better

**Changed:**

< “If Telegram wants to prove that their protocol is better than this absolute garbage protocol, then I challenge them to publish the plaintext of Alice’s message**.”< “**Here we have a messaging protocol that employs the NSA backdoored random number generator (Dual_EC_DRBG), weak public key cryptography (896bit RSA, no padding, no signatures, no authenticity), the worst cryptographic hash function possible as a KDF (MD2), and XOR as a cipher.”

**to**

> “If Telegram wants to prove that their protocol is better than this absolute garbage protocol, then I challenge them to publish the plaintext of Alice’s message**. […]** Here we have a messaging protocol that employs the NSA backdoored random number generator (Dual_EC_DRBG), weak public key cryptography (896bit RSA, no padding, no signatures, no authenticity), the worst cryptographic hash function possible as a KDF (MD2), and XOR as a cipher.”

This is old news, but I haven't updated this blog in a while. In any case, here's a good read:

Please check out the whole article, but here is a TL;DR anyway:

“If Telegram wants to prove that their protocol is better than this absolute garbage protocol, then I challenge them to publish the plaintext of Alice’s message. […] Here we have a messaging protocol that employs the NSA backdoored random number generator (Dual_EC_DRBG), weak public key cryptography (896bit RSA, no padding, no signatures, no authenticity), the worst cryptographic hash function possible as a KDF (MD2), and XOR as a cipher.”