> Here I briefly present the two attacks that show that MTProto is not IND-CCA secure. We assume the reader to be familiar with the notion of IND-CCA security...
> Once again, I stress that the attacks are only of theoretical nature and we do not see a way of turning them into full-plaintext recovery. Yet, we believe that these attacks are yet another proof [https://eprint.iacr.org/2015/428.pdf] that designing your own crypto rarely is a good idea.
Check out the "MTProto is not IND-CCA secure" section Eduard Toloza supposedly wrote: https://gitlab.com/edu4rdshl/blog/blob/9d490385d53cdf7048d16...
> Here I briefly present the two attacks that show that MTProto is not IND-CCA secure. We assume the reader to be familiar with the notion of IND-CCA security...
> Once again, I stress that the attacks are only of theoretical nature and we do not see a way of turning them into full-plaintext recovery. Yet, we believe that these attacks are yet another proof [https://eprint.iacr.org/2015/428.pdf] that designing your own crypto rarely is a good idea.
And compare it to Jakob Jakobsen and Claudio Orlandi's paper: https://eprint.iacr.org/2015/1177.pdf
The "author" just swapped out the "we" for "I". Aside from the text in bold at the bottom, there's no original content. It's plagiarism.