MEGA: Malleable Encryption Goes Awry

Published:

In this talk, I present five attacks on the user-controlled end-to-end security MEGA. Our attacks show that a malicious provider can break authentication and compromise file confidentiality and integrity.
The presentation slides are available [here](/files/2023-05-22_mega.pdf).