Telegram MTPROTO Proxy - all we know about it

Immediately after the events with Telegram blocking in Iran and Russia, a new type of Proxy began to appear in beta versions of the messenger, and to be precise, a new protocol - MTProto Proxy.

This protocol was created by the Telegram team to solve the problems of bypassing locks, but is it so good?

Like now?

The main type of proxy that telegram now works with is socks. It has a fatal flaw: The login and password when connecting to the proxy are transmitted in the clear , no, your telegram cannot be "removed" in this way, but you can look inside the proxy and understand that Ivan Ivanov uses the telegram.

In those countries that use DPI for traffic analysis, that's done. This device parses the tunnel and looks at what is inside, if it sees prohibited traffic, we block it.

What does Durov offer?

MTProto Proxy is a protocol of the MTProto family (Telegram runs on it), it solves several problems at once:

1. To connect instead of username + password, only a password is enough
2. Traffic is no different from regular HTTPS / TLS (well, almost)
3. Password is not transmitted to the server when connecting
4. Traffic is encrypted
5. It is possible to work through a proxy only Telegram'a (other applications will not work)
6. Promoted channels

As you can see - a set of features makes this type of proxy highly specialized - for Telegram, you won’t be able to transfer normal traffic there, and this, strange as it may seem, is a huge plus.

Telegram only

Previously, channels (and bots) made their proxies and distributed them to the world to save the audience in case of blocking. Their proxies fell into the global proxy lists and spam and other bad things were sent through them. With a new type of proxy - you can’t break the law, the maximum that will happen - telegram will ban your IP address.

An example of breaking the law in the case of socks: Through your proxy, they tried to crack the bank / government agency, your hoster will receive an official complaint and in the best case, he will simply block you, in the worst case, for that court.

Promoted Channels

Promoted channels are such a channel that you will automatically subscribe to when connecting to a proxy, it will be pinned at the top of the contact / chat list and it cannot be deleted until you disconnect from this proxy.

Roughly speaking, telegram allows you to monetize a proxy, if earlier you could take a proxy from channel X (maybe it works faster), but don’t read it at all, but go read Y, (and channel X spends money on supporting proxies to nothing), then now for using the proxy you will pay a signature on the channel.

Thus, one can expect explosive growth of such proxies, if earlier the creation of a proxy was more a burst of goodwill or charity, then now - the more users on your proxy = the more subscribers to the channel -> advertising can be sold more expensive.

Traffic is encrypted

Having launched Wireshark, I went to see what traffic looks like when working through a proxy. And it looks like a regular TCP / SSL connection (without some packets / headers that relate to https) . In other words, traffic can be disguised as solutions such as Cisco Anyconnect and similar solutions that use TCP + SSL.

Inside the tunnel there is a “mess” of encrypted traffic, the traffic is encrypted, as you might guess, with the same password / secret phrase that you enter when connecting. But not only her, of course, all the SSL / TLS features are used here.

When will it be in production?

At the moment, MTProto Proxy is available in the stable version of Telegram for OS X, Telegram or Android, and in beta versions of Telegram Desktop, iOS Telegram X.

It looks like we are waiting for the release of this proxy in the desktop clients and the regular iOS version (not X) immediately after that, we should see a new post from the team with a story about why it is good and how to live on.

And where to test?

On the expanses of the chat rooms in a telegram, a semi-official proxy was found that works fine with the new protocol and (it seems) was launched by one of the developers, actually here it is:

t.me/proxy?server=proxy.digitalresistance.dog&port=443&secret=d41d8cd98f00b204e9800998ecf8427e

But this is not everything, enthusiasts on Github using the source analysis method are trying to make their proxies (there is no official yet), here are (PHP) a couple of (C #) projects (Rust) .

PS And also in the latest version of the library for VOIP calls that is used in telegram, support for the conference mode is found, it seems that soon there will be two big announcements at once.

UPD:MTProto proxy is currently part of the Telegram infrastructure and when the telegram is “running” from locks, it multiplies and transfers copies of its MTProto Proxy between hosters, while the processing servers themselves do not move anywhere. Thus, in the near future, Telegram will allow to deploy part of its infrastructure at home. (The protocol of “native” proxies may differ from what telegrams currently implement in clients called MTPROTO)

UPD: A similar post from Anna (Vee Security) regarding proxy types in Telegram and about MTProto Proxy (including analysis of a specific type encryption)

UPD: MTProto Proxy from the creators of TgVPN mtproto.tgproxy.cloud/mtproxy.htmlasked to test

UPD: The most stable version of the MTProto server (in my opinion) is on Rust, available on Github github.com/dotcypress/mtproxy

The easiest option to start your own proxy:

sudo docker run --name 'mtproto_proxy' --restart unless-stopped -p 1984:1984 -dti dotcypress/mtproxy -s 'proxy secret'

Instead of proxy secret - it is worth specifying your phrase on the basis of which the key

Get key will be generated :

docker logs mtproto_proxy