A
A
airbor2018-12-26 03:28:08
Information Security
airbor, 2018-12-26 03:28:08

How secure is a private Telegram channel?

If you make a new channel private and use it as a personal cloud with files - how safe is it?
As far as I understand, the channel is opened by the link. Link like https://t.me/joinchat/AAAAAE7x_2S_dKa7Z3jKhz
And all the links at the beginning are the same. So, it turns out that the password there is simply 7x_2S_dKa7Z3jKhz.
So there are 16 characters of the password, that's all that closes the person's channel from the attacker.
Let's say Tegeram will have about 2 million channels. Well, what, for 200 million users, 2 million channels is modest - only 1% of users created them.
Now let's estimate how many variations of addresses. The number system is case sensitive, so:
0-9
az
AZ
I didn't see any special characters except underscores.
It turns out 10+26+26+1 = 63 is the size of the alphabet.
The number of combinations we have is 63 to the power of 16
Exponentiation gives a number:
6.1581291280182165e+28
​​We get a number that has 28 zeros, BUT we have not one "hit" option, but a million. And from this large number you can immediately cut down six zeros.
So there are 22 zero options left. In the case of selecting 100 million options per second (8 zeros), it turns out that 14 zeros of seconds are already needed. There are 31 lam seconds (7 zeros) in a year, so it turns out a full enumeration is already a figure with 7 zeros for years to enumerate.
Am I thinking correctly?

Answer the question

In order to leave comments, you need to log in

3 answer(s)
C
CityCat4, 2018-12-26
@airbor

There is no 100% security anywhere - in any case, you rely on some third-party components.
The security measure is usually defined in relation to the one who opposes (from whom you are protecting yourself), how sensitive the information is to disclosure and how quickly it loses this sensitivity (that is, for example: the confirmation code of any operation is valid for 2 - 5 minutes, after this interval it loses all secrecy.Bank card details are valid for 1-3 years, after that they lose secrecy.A photo of a naked girlfriend will not lose secrecy for several decades :) )
It is relatively safe to store files on a VPS with an encrypted disk. To store in the "clouds" - it doesn't matter where - without encryption - it means to share the information stored there in advance with admins, who always havethere is an opportunity to turn all this cunning mathematics into zero ...

A
Alexey, 2019-01-03
@Demanoidos

Use the cloud = no privacy. Yes, they can tell you about security, encryption, and so on, but one fakap, and not yours, and all the data will go to the public, from where it can no longer be picked out.
Therefore, critical data should never be stored in the cloud.

V
vanoc, 2018-12-26
@Zoro

And what prevents you from throwing files into your own favorites in a telegram?

Didn't find what you were looking for?

Ask your question

Ask a Question

731 491 924 answers to any question