This project is an educational Telegram bot developed for a Secure Computing / Computer Security course.
It demonstrates how incorrect and incomplete use of cryptography can silently break anonymity and lead to identity disclosure.
The repository contains two Telegram bots with identical functionality but different security models:
- 🔴 Insecure Bot —
bot_insecure.py - 🟢 Secure Bot —
bot_secure.py
Anonymous messaging systems are widely used in real-world applications.
However, anonymity is not guaranteed by intention, but by correct security design.
This project demonstrates:
- Why Base64 is NOT encryption
- How client-controlled tokens can be abused
- How tampering leads to identity leakage
- How proper cryptographic design prevents these attacks
- Anonymous message sending via unique personal links
- Inline keyboard with Reply button
- Continuous / threaded anonymous replies
- Fully functional Telegram bot (real environment)
- Side-by-side comparison of secure vs insecure logic
.
├── bot_insecure.py
├── bot_secure.py
├── .env.example
├── requirements.txt
└── README.md
| Name | Role / Responsibility |
|---|---|
| Seyyedeh Fargol Nazemzadeh | Bot implementation and attack demonstration – Gathered project requirements, implemented both insecure and secure Telegram bots, and demonstrated the bots in practice. |
| Seyyed Ali Faghih Mousavi | Project Designer & Cryptography Analyst – Defined the project scope and analyzed different encryption methods for insecure and secure implementation. |
| Saeed Razzaghi | Documentation Specialist & Security Explainer – Worked on detailed documentation, focusing on cryptography explanations and security concepts. |
- Uses Base64 encoding instead of real encryption
- Reply tokens are:
- Reversible
- Trusted without validation
- Stored directly in memory
- Callback data can be tampered with
- Sender identity can be recovered from reply tokens
A user replying to an anonymous message can decode or manipulate the token and reveal the real sender identity, breaking anonymity.
- Information Disclosure
- Tampering
- Broken Cryptography
- Trusting Client-Side Data
- Uses improved cryptographic protection with a secret key and IV
- Tokens are:
- Cryptographically protected
- Validated before use
- Never stored in raw form
- Manipulated or forged tokens are detected
- Only verified sender IDs are used internally
Anonymous messaging remains anonymous even during multi-step reply chains.
- Encoding vs Encryption
- Token Tampering
- Information Disclosure
- STRIDE Threat Model (T – Tampering)
- Secure token lifecycle management
- Server-side trust vs client-side data
- User A sends an anonymous message to User B
- Bot generates a Base64-based reply token
- User B clicks Reply
- The token is decoded or manipulated
- Sender identity is revealed or forged
- Python 3.10+
- python-telegram-bot v20.6
- Telegram Bot API
- Cryptography primitives
- python-dotenv
git clone https://github.com/Fargolnz/Anonymous-Messaging-Bot-Security.git
cd your-repoBOT_TOKEN=your_telegram_bot_token
AES_KEY=your_secret_key
STATIC_IV=your_static_ivpip install -r requirements.txtpython bot_insecure.py
# or
python bot_secure.pyThis project is strictly for educational use.
It demonstrates real-world security design mistakes and shows how small cryptographic errors can completely break system guarantees.
Do NOT use the insecure version in production.
This project does not promote misuse of Telegram or privacy violations.
All vulnerabilities are demonstrated in a controlled academic environment.
Anonymity is not a feature — it is a security guarantee.
And guarantees only exist when cryptography is used correctly.