Should We Chat, Too? Security Analysis of WeChat's MMTLS Encryption Protocol
Black Hat Asia 2025 · Day 1 · Briefings
This talk, delivered by Pelleon from the Citizen Lab at the University of Toronto and Mona, a PhD student at Princeton University and former Citizen Lab research fellow, presents a security analysis of WeChat's proprietary encryption protocol, **MMTLS**. WeChat, a ubiquitous mobile application with billions of users, employs a custom, multi-layered encryption scheme instead of widely adopted and scrutinized open standards like **TLS/SSL**. The speakers reverse-engineered this custom protocol, revealing its architecture, cryptographic primitives, and significant security weaknesses. The research was motivated by the observation that WeChat's network traffic was heavily obfuscated, which prompted an investigation into "what's being sent" and into the soundness of its encryption.
AI review
This talk is a masterclass in tearing apart proprietary encryption. Researchers from Citizen Lab and Princeton meticulously reverse-engineered WeChat's MMTLS and its underlying 'business layer' protocol, exposing critical flaws that affect billions of users. They demonstrated how a complex, two-layered custom crypto stack leads to vulnerabilities like a forgeable checksum, lack of forward secrecy, and replay resistance issues. This isn't just about WeChat; it's a damning indictment of 'security through obscurity' and a powerful argument for universal adoption of open, vetted cryptographic…