Three Lessons From Threema: Analysis of a Secure Messenger


Kenneth G. Paterson, Matteo Scarlata, and Kien Tuong Truong, ETH Zurich


We provide an extensive cryptographic analysis of Threema, a Swiss-based encrypted messaging application with more than 10 million users and 7000 corporate customers. We present seven different attacks against the protocol in three different threat models. We discuss impact and remediations for our attacks, which have all been responsibly disclosed to Threema and patched. Finally, we draw wider lessons for developers of secure protocols.

Open Access Media

USENIX is committed to Open Access to the research presented at our events. Papers and proceedings are freely available to everyone once the event begins. Any video, audio, and/or slides that are posted after the event are also free and open to everyone. Support USENIX and our commitment to Open Access.

@inproceedings {287280,
author = {Kenneth G. Paterson and Matteo Scarlata and Kien Tuong Truong},
title = {Three Lessons From Threema: Analysis of a Secure Messenger},
booktitle = {32nd USENIX Security Symposium (USENIX Security 23)},
year = {2023},
isbn = {978-1-939133-37-3},
address = {Anaheim, CA},
pages = {1289--1306},
url = {},
publisher = {USENIX Association},
month = aug

Presentation Video