![]() ![]() Note that the initial part of the message to be encrypted contains variable data (session, message ID, sequence number, server salt) that obviously influences the message key (and thus the AES key and iv). A user key together with the message key defines an actual 256-bit key which is what encrypts the message using AES-256 encryption. Prior to a message (or a multipart message) being transmitted over a network using a transport protocol, it is encrypted in a certain way, and an external header is added at the top of the message which is: a 64-bit key identifier (that uniquely identifies an authorization key for the server as well as the user) and a 128-bit message key. However, very large numbers (2048-bit or pq, p, q params) used in RSA and DH are written in the big endian format because that is how the OpenSSL library does it. For more detail, see Binary Data Serialization, Mobile Protocol: Service Messages.Īll numbers are written as little endian. In particular, each RPC function has a corresponding message type. In addition, when a container or a single message is sent, an internal header is added at the top (see below), then the entire message is encrypted, and an external header is placed at the top of the message (a 64-bit key identifier and a 128-bit message key).Ī message body normally consists of a 32-bit message type followed by type-dependent parameters. The first several fields in the message are fixed and are used by the cryptographic/authorization system.Įach message, either individual or inside a container, consists of a message identifier (64 bits, see below), a message sequence number within a session (32 bits), the length (of the message body in bytes 32 bits), and a body (any size which is a multiple of 4 bytes). Multipart message or container (a container that holds several messages needed to send several RPC calls at once over an HTTP connection, for example also, a container may support gzip).įrom the standpoint of lower level protocols, a message is a binary data stream aligned along a 4 or 16-byte boundary.Message received acknowledgment (or rather, notification of status of a set of messages).RPC responses (server to client): results of RPC calls.RPC calls (client to server): calls to API methods.When the UDP protocol is used, a response might be returned by a different IP address than the one to which the query had been sent. Several connections to a server may be open messages may be sent in either direction through any of the connections (a response to a query is not necessarily returned through the same connection that carried the original query, although most often, that is the case however, in no case can a message be returned through a connection belonging to a different session). In addition, each session is attached to a user key ID by which authorization is actually accomplished. The session is attached to the client device (the application, to be more exact) rather than a specific websocket/http/https/tcp connection. Brief Component Summary High-Level Component (RPC Query Language/API)įrom the standpoint of the high-level component, the client and the server exchange messages inside a session. MTProto v1.0 ( described here for reference) is deprecated and is currently being phased out. Transport component: defines the method for the client and the server to transmit messages over some other existing network protocol (such as HTTP, HTTPS, WS (plain WebSockets), WSS (WebSockets over HTTPS), TCP, UDP).Īs of version 4.6, major Telegram clients are using MTProto 2.0, described in this article.Cryptographic (authorization) layer: defines the method by which messages are encrypted prior to being transmitted through the transport protocol.High-level component (API query language): defines the method whereby API queries and responses are converted to binary messages.The protocol is subdivided into three virtually independent components: It must be emphasized that a web browser is not such an application. The protocol is designed for access to a server API from applications running on mobile devices. This page deals with the basic layer of MTProto encryption used for Cloud chats (server-client encryption). Security Guidelines for Client Software Developers Mobile Protocol: Service Messages about Messages ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |