However, the workforce also said that mainly because all interaction, such as plaintext and ciphertext, passes by Telegram servers, and since the server is liable for picking out Diffie–Hellman parameters, the "server should not be regarded as trusted." Additionally they concluded that a man-in-the-middle attack can be done if customers fall shor