
Implementing End-To-End Encryption in Matrix Clients - Sami_Lehtinen
https://matrix.org/docs/guides/e2e_implementation.html
======
Arathorn
warning: the e2e implementor’s guide hasn’t been updated with any of the
incremental key backup or interactive key verification stuff which just landed
in Riot 1.0, nor the cross-signing epic which is on the horizon.

The details for these for those interested can be found at:

[https://github.com/matrix-org/matrix-
doc/pull/1703](https://github.com/matrix-org/matrix-doc/pull/1703)

[https://github.com/matrix-org/matrix-
doc/issues/1267](https://github.com/matrix-org/matrix-doc/issues/1267)

[https://github.com/matrix-org/matrix-
doc/pull/1544](https://github.com/matrix-org/matrix-doc/pull/1544)

and

[https://github.com/matrix-org/matrix-
doc/pull/1756](https://github.com/matrix-org/matrix-doc/pull/1756)

~~~
gregknicholson
It's a good sign (I mean this sincerely!) when the first comment is the
project founder with a caveat, setting realistic expectations.

Keep up the good work! (…but do remember to get some bloody sleep every once
in a while)

~~~
Arathorn
thanks :)

------
jeroenhd
I love Matrix and I am planning on running a home server of my own and
integrate it with all the different chat services I use.

Last time I checked there was the Matrix reference implementation and Riot.
Today, there's a bunch of gorgeous Matrix clients that I can see people
actually use. Alternative clients like Fractal and Nheko can make or break the
ecosystem and I'm glad to see continuous improvement in that area.

It's especially nice to see the cross-signing proposal approved, as trying out
just a few Matrix clients over time has added 9 separate keys I need to
approve to my account already. Stuff like this will make it easy to switch
phones/desktops/apps and will be wonderful for public uptake.

~~~
brachi
I want to integate all chat services as well. Could you share how you plan to
do it? Libpurple/pidgin perhaps?

~~~
skyfaller
Quinn Norton had some pretty damning things to say about libpurple and its
lack of security in 2014: [https://medium.com/message/everything-is-
broken-81e5f33a24e1](https://medium.com/message/everything-is-
broken-81e5f33a24e1)

It's possible libpurple's security has improved since then, but I wouldn't
count on it.

~~~
brachi
Thanks for the link. I actually checked the CVEs so far and read their
'security' page. I have only skimmed the article, however, if it's just
reverse engineering the protocols, and you are still using somebody else's
server, what's the biggest risk? Maybe a vuln in the client that won't be
fixed as fast as the official client?

------
xvilka
They should focus on non-Electron client, and server in Go [1] rather than
Python. Both are too slow and consume so much memory just for an IM.

[1] [https://github.com/matrix-org/dendrite](https://github.com/matrix-
org/dendrite)

------
koalalorenzo
I love Matrix and Riot is the perfect client! Personally, I found the current
way to manage end-to-end encryption in a room a little bit annoying to
configure (when using it in a team is even more painful). I am glad to hear
that it is getting better.

I can't stop suggesting Matrix to people!

------
jancsika
Is there a milestone after which Matrix will only recommend clients which have
E2E encryption for all messages _by default_?

As it is you list stuff like Nheko which claims to E2E encrypt messages _but
not attachments_.

~~~
Arathorn
sure. the idea is to provide a proxy such that non-e2e clients get encrypted -
see [https://github.com/vector-im/riot-
web/issues/6779](https://github.com/vector-im/riot-web/issues/6779).

nheko lost its maintainer for a few months hence stuff like the missing e2e
attachments, but they are trivial to add; hopefully someone will contribute
them soon.

------
OvidNaso
I'm new to using all the new chat programs and LOVE the idea of matrix, but
was somewhat surprised to learn there isn't a bridge for Signal, since it's
open source. Is there a reason and/or any possibility of it happening. The
linux Signal desktop client is too resource intensive and it would be amazing
to be able to use WeeChat.

~~~
driminicus
There is a signal bridge [0], but it is a little hacky. I would imagine moxie
won't condone an 'official' bridge to matrix, given his stance on federated
chat. Also: any realistic (short-term) bridges will have to basically be a
man-in-the-middle, breaking the end to end crypto. In the (very?) long term
MLS [1] _may_ allow for e2ee through a bridge, but that would probably mean
that signal has to explicitly support it. Given the track-record of OWS I
personally doubt that would happen, but I'm just a random guy from the
internet, so what do I know. I do know that the matrix people are looking at
MLS and are willing to implement it in matrix if it finalizes, though they'll
currently focus on their own megolm implementation, which is very close to
being perfect, from my perspective.

[0] [https://github.com/matrix-hacks/matrix-puppet-
signal](https://github.com/matrix-hacks/matrix-puppet-signal) [1]
[https://datatracker.ietf.org/wg/mls/about/](https://datatracker.ietf.org/wg/mls/about/)

------
I_am_tiberius
Maybe slightly out of context but: It should be highlighted in <h1> that Riot
does not use end to end encryption by default. At least that's how I
understand it.

~~~
Arathorn
i think the assumption here is that if you are reading an implementor’s guide
to e2e encryption, you’ll be doing so _because_ it’s not yet turned on by
default (due in part to not all clients implementing it yet).

[https://github.com/vector-im/riot-web/issues/6779](https://github.com/vector-
im/riot-web/issues/6779) is the issue tracking turning it on by default.

apps like riot make it pretty clear when you are in an unencrypted convo
(typically the composer says “Send a message (unencrypted)”.

