{"id":155147,"date":"2023-01-11T04:22:38","date_gmt":"2023-01-11T10:22:38","guid":{"rendered":"https:\/\/lifeboat.com\/blog\/2023\/01\/expert-analysis-reveals-cryptographic-weaknesses-in-threema-messaging-app"},"modified":"2023-01-11T04:22:38","modified_gmt":"2023-01-11T10:22:38","slug":"expert-analysis-reveals-cryptographic-weaknesses-in-threema-messaging-app","status":"publish","type":"post","link":"https:\/\/lifeboat.com\/blog\/2023\/01\/expert-analysis-reveals-cryptographic-weaknesses-in-threema-messaging-app","title":{"rendered":"Expert Analysis Reveals Cryptographic Weaknesses in Threema Messaging App"},"content":{"rendered":"<p><a class=\"aligncenter blog-photo\" href=\"https:\/\/lifeboat.com\/blog.images\/expert-analysis-reveals-cryptographic-weaknesses-in-threema-messaging-app2.jpg\"><\/a><\/p>\n<p>A comprehensive analysis of the cryptographic protocols used in the Swiss encrypted messaging application Threema has revealed a number of loopholes that could be exploited to break authentication protections and even recover users\u2019 private keys.<\/p>\n<p>The seven attacks span three different threat models, <a href=\"https:\/\/breakingthe3ma.app\/\" rel=\"noopener\" target=\"_blank\">according<\/a> to ETH Zurich researchers Kenneth G. Paterson, Matteo Scarlata, and Kien Tuong Truong, who reported the issues to Threema on October 3, 2022. The weaknesses have since been addressed as part of <a href=\"https:\/\/threema.ch\/en\/versionhistory\" rel=\"noopener\" target=\"_blank\">updates<\/a> released by the company on November 29, 2022.<\/p>\n<p>Threema is an encrypted messaging app that\u2019s used by more than 11 million users as of October 2022. \u201cSecurity and privacy are deeply ingrained in Threema\u2019s DNA,\u201d the company <a href=\"https:\/\/threema.ch\/en\/about\" rel=\"noopener\" target=\"_blank\">claims<\/a> on its website.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>A comprehensive analysis of the cryptographic protocols used in the Swiss encrypted messaging application Threema has revealed a number of loopholes that could be exploited to break authentication protections and even recover users\u2019 private keys. The seven attacks span three different threat models, according to ETH Zurich researchers Kenneth G. Paterson, Matteo Scarlata, and Kien [\u2026]<\/p>\n","protected":false},"author":427,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[11,1625,1492],"tags":[],"class_list":["post-155147","post","type-post","status-publish","format-standard","hentry","category-biotech-medical","category-encryption","category-security"],"_links":{"self":[{"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/posts\/155147","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/users\/427"}],"replies":[{"embeddable":true,"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/comments?post=155147"}],"version-history":[{"count":0,"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/posts\/155147\/revisions"}],"wp:attachment":[{"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/media?parent=155147"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/categories?post=155147"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/tags?post=155147"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}