
> Telegram already authenticates by the phone number, which setup was successfully used by Russian forces to hijack accounts of opposition.

While this is bad, IIRC if it has PFS this means that the phone number rerouting cannot be used to recover messages sent before this intercept. And also IIRC this phone number could only be used to trigger re-keying, which is detectable.




> IIRC this phone number could only be used to trigger re-keying, which is detectable

Dunno about currently, but afaik at the time this went down nothing was detectable, you just log into a user's account and read the history since e2e conversations aren't the default.

> The default method of authentication that Telegram uses for logins is SMS-based single-factor authentication. All that is needed in order to log into an account and gain access to that user's cloud-based messages is a one-time passcode that is sent via SMS to the user's phone number. These login SMS messages are known to have been intercepted in Iran, Russia and Germany, possibly in coordination with phone companies.



