This is an amazing paper. It implies (with strong statistical evidence) that the design of a major mobile-data encryption algorithm — used in GPRS data — was deliberately backdoored by its designer. https://t.co/kC4DUpceXN

— Matthew Green (@matthew_d_green) June 16, 2021