We're sorry but this page doesn't work properly without JavaScript enabled. Please enable it to continue.
Feedback

Making & Breaking Matrix's End-to-end encryption

00:00

Formal Metadata

Title
Making & Breaking Matrix's End-to-end encryption
Subtitle
In which we exercise the threat model for Matrix's E2E encrypted decentralised communication
Title of Series
Number of Parts
490
Author
License
CC Attribution 2.0 Belgium:
You are free to use, adapt and copy, distribute and transmit the work or content in adapted or unchanged form for any legal purpose as long as the work is attributed to the author in the manner specified by the author or licensor.
Identifiers
Publisher
Release Date
Language

Content Metadata

Subject Area
Genre
Abstract
Matrix is an open protocol and open network for decentralised real-time communication; shifting control over communication from the big proprietary silos back to the general population of the Internet. In 2016 we added E2E Encryption based on the Double Ratchet, and since then have been working away on getting the encryption so polished that we can transparently turn it on by default everywhere. In this talk, we'll show how we have finally done this, what the blockers were, and then try to smash the encryption to pieces to illustrate the potential attacks and how we mitigate them. Matrix is an ambitious project to build a open decentralised real-time communication network; providing an open standard protocol and open source reference implementations, letting anyone and everyone spin up a Matrix server and retake control of their real-time communication. Matrix is looked after by the non-profit Matrix.org Foundation, and as of Oct 2019 we have over 11.5M addressable users and around 40K servers on the public network. Over the course of 2019 we spent a huge amount of time finalising Matrix's end-to-end encryption so we could finally turn it on by default without compromising any of the behaviour users had grown accustomed to in non-encrypted rooms. Specifically, the main remaining blockers were: Ability to search in E2E encrypted rooms (now solved by Seshat: a Rust-based full-text-search engine embedded into Matrix clients) Ability to get compatibility with non-E2E clients, bots and bridges (now solved by pantalaimon: a daemon which offloads E2E encryption) Reworking the whole encryption UI to expose cross-signing to radically simplify key verification (including QR-code scanning for simplicity) Ability to receive notifications in E2E encrypted rooms. However, we have finally got there, and this talk will demonstrate how the final E2EE implementation works; the final problems we had to solve; the threat model we have implemented; and how we're doing on rolling it out across the whole network. More interestingly, we will then demonstrate a variety of attacks against the encryption (e.g. shoulder-surfing QR codes during device verification; MITMing TLS; acting as a malicious server implementation; global passive adversary) to demonstrate how well we handle them.
TelecommunicationData modelMatrix (mathematics)EncryptionEncryptionSpecial unitary groupBitMultiplication signMatrix (mathematics)DatabaseTelecommunicationReal-time operating systemLine (geometry)Right angleSoftwareUniform boundedness principle
Matrix (mathematics)Real numberOpen setTelecommunicationComputer networkComputing platformTelecommunicationServer (computing)DatabaseInternet der DingeWeb 2.0BitHierarchySoftwareOpen setReal-time operating systemComputing platformStandard deviationMatrix (mathematics)Client (computing)Polygon meshBridging (networking)Data conversionService (economics)Matching (graph theory)Computer animation
Matrix (mathematics)ArchitectureSanitary sewerIdentity managementServer (computing)Client (computing)Local GroupEncryptionRule of inferenceMotif (narrative)Repository (publishing)Content (media)Data conversionMatrix (mathematics)Server (computing)SoftwareRepository (publishing)Identity managementGroup actionMessage passingSingle-precision floating-point formatCartesian coordinate systemClient (computing)Computer animation
Matrix (mathematics)Local GroupEncryptionServer (computing)Rule of inferenceMotif (narrative)Content (media)Repository (publishing)Default (computer science)EncryptionGroup actionData conversionRatsche <Physik>Matrix (mathematics)Revision controlParity (mathematics)Doubling the cubeAlgorithmCAN busLine (geometry)Multiplication signSubject indexingRight angleGoogolComputer animation
Matrix (mathematics)Local GroupEncryptionRule of inferenceServer (computing)Motif (narrative)Content (media)Repository (publishing)Service (economics)Scalable Coherent InterfaceAndroid (robot)Point (geometry)Term (mathematics)BitElectronic signatureMatrix (mathematics)AverageCategory of beingMoment (mathematics)EncryptionScalabilityFocus (optics)Service (economics)Sampling (statistics)TelecommunicationInternettelefonieClient (computing)Android (robot)HorizonCrash (computing)Mobile appCartesian coordinate systemBridging (networking)CountingPhysical systemInsertion lossWritingServer (computing)Computer animation
Matrix (mathematics)Message passingServer (computing)EncryptionStatisticsDifferent (Kate Ryan album)Server (computing)Android (robot)Message passingPressureImplementationParabolaTerm (mathematics)Set (mathematics)Projective planeScaling (geometry)DreizehnRadio-frequency identificationMatrix (mathematics)Computer animation
Matrix (mathematics)Default (computer science)Level (video gaming)Server (computing)Transport Layer SecurityIdentity managementFormal verificationSurfaceServer (computing)Identity managementService (economics)Matrix (mathematics)Scaling (geometry)Metropolitan area networkData conversionSurfaceEncryptionKey (cryptography)Software frameworkComputer animation
Ratsche <Physik>Key (cryptography)Formal verificationData recoveryBackupDefault (computer science)Client (computing)Matrix (mathematics)View (database)Subject indexingError messageSynchronizationIdentity managementFlash memorySlide ruleSign (mathematics)Right angleClient (computing)Direct numerical simulationData conversionPhysical lawMatrix (mathematics)Formal verificationRandomizationHacker (term)RobotComputer fileDocument management systemComputer animation
Matrix (mathematics)Client (computing)Bus (computing)Data managementInterface (computing)Online chatDemonComponent-based software engineeringCompact spaceDemonServer (computing)Matrix (mathematics)Proxy serverRandomizationScripting languageInterface (computing)Data managementWritingMaterialization (paranormal)Physical systemData conversionGroup actionRight angleUltraviolet photoelectron spectroscopyClient (computing)ImplementationService (economics)Computer animation
Matrix (mathematics)DemonClient (computing)Bus (computing)Data managementInterface (computing)Online chatComponent-based software engineeringCompact spaceMatrix (mathematics)Client (computing)ImplementationProjective planeSoftware frameworkEntire functionStack (abstract data type)FraktalgeometrieSoftware developerCASE <Informatik>Video gameData structureMultiplication signComputer animation
Execution unitClient (computing)Message passingSubject indexingWeb-DesignerRight angleSystem callWeb 2.0Software development kitSimilarity (geometry)ExistenceMultiplication signMatrix (mathematics)Projective planeFreewareSoftware testingCASE <Informatik>Computer animationSource code
AngleMenu (computing)SynchronizationSimulationInclusion mapSalem, IllinoisMatrix (mathematics)Software testingLine (geometry)Point (geometry)Client (computing)Connected spaceMatrix (mathematics)Server (computing)Computer virusFormal verificationSign (mathematics)Source codeComputer animation
Matrix (mathematics)Client (computing)Bus (computing)Data managementInterface (computing)Online chatDemonComponent-based software engineeringLibrary (computing)Message passingSubject indexingStandard deviationPrice indexMiniDiscEncryptionThread (computing)Data storage deviceWrapper (data mining)Formal verificationWeb 2.0Java appletKeyboard shortcutCross-platformDifferent (Kate Ryan album)Matrix (mathematics)Multiplication signMessage passingServer (computing)EncryptionSubject indexingClient (computing)RandomizationSoftware developerHomomorphismusStability theoryLaptopBuildingProduct (business)Basis <Mathematik>Branch (computer science)Exception handlingModule (mathematics)RobotMiniDiscThread (computing)Structural loadDemosceneWeb crawlerRight angleSequelVideo gameGradientSearch engine (computing)Service (economics)Source codeComputer animation
Vector spaceMIDIMatrix (mathematics)Office suiteTerm (mathematics)Uniform boundedness principleLocal ringPoint (geometry)Web 2.0Computer animation
MathematicsMatrix (mathematics)Message passingCore dumpKey (cryptography)SynchronizationComputer networkPartition (number theory)Term (mathematics)Server (computing)Maximum length sequenceDistribution (mathematics)Error messageSeries (mathematics)Right angleMessage passingBijectionTelecommunicationBitDifferent (Kate Ryan album)Key (cryptography)Server (computing)Core dumpEncryptionComputer architectureService (economics)AreaSource codeComputer animation
Matrix (mathematics)Message passingCore dumpKey (cryptography)SynchronizationComputer networkPartition (number theory)Term (mathematics)Server (computing)Maximum length sequenceDistribution (mathematics)Error messageSeries (mathematics)EncryptionElectronic mailing listSanitary sewerClient (computing)SharewareGraph (mathematics)Sign (mathematics)Complex (psychology)Server (computing)MereologyInformationClosed setDenial-of-service attackNP-hardMechanism designTrailSocial classCache (computing)Client (computing)BitProper mapDifferent (Kate Ryan album)Message passingMatrix (mathematics)Link (knot theory)NeuroinformatikNetwork topologyPolygon meshDistribution (mathematics)Key (cryptography)Row (database)AlgorithmQuicksortSoftware bugINTEGRALElectronic mailing listData recoveryWeb 2.0Point (geometry)Synchronization1 (number)Matching (graph theory)AreaTerm (mathematics)Presentation of a groupHeegaard splittingDigital photographyRational numberComputer scienceFilm editingSign (mathematics)Validity (statistics)Multiplication signSharewareComputer animation
Matrix (mathematics)SharewareGraph (mathematics)Sign (mathematics)Complex (psychology)BitMultiplication signMathematicsMatrix (mathematics)Sign (mathematics)Key (cryptography)Centralizer and normalizerLoop (music)Computer animation
Matrix (mathematics)SharewareWhiteboardKey (cryptography)Sign (mathematics)Server (computing)Similarity (geometry)Message passingData storage deviceSynchronizationPublic-key infrastructureSurjective functionDifferent (Kate Ryan album)Key (cryptography)Proxy serverLine (geometry)MathematicsData structureSign (mathematics)Server (computing)Web 2.0BackupElectronic signatureLevel (video gaming)Flow separationSoftware bugInstance (computer science)19 (number)Heegaard splittingMatrix (mathematics)Data storage deviceUsabilityFormal verificationService (economics)Multiplication signComputer animation
Matrix (mathematics)Data storage deviceData recoveryBackupComputing platformEncryptionKey (cryptography)Matrix (mathematics)Data storage deviceBackupMultiplication signProxy serverData recoveryInformation securitySign (mathematics)Network topologyMereologyPublic-key cryptographyWeb 2.0BitOrder (biology)Computer animation
Matrix (mathematics)Proof theoryFormal verificationOrder (biology)Social classSuite (music)Game controllerMathematicsLengthComputer animation
Game controllerAndroid (robot)Figurate numberFrame problemDataflowBitSocial classMetropolitan area networkSound effectWeb-DesignerVisualization (computer graphics)Right angleComputer animationProgram flowchart
Matrix (mathematics)Formal verificationCodeKey (cryptography)Message passingMathematicsDataflowFormal verificationVisualization (computer graphics)QR codeMetropolitan area networkModal logicPublic-key cryptographyKey (cryptography)Lipschitz-StetigkeitMobile WebCodeMedical imagingMoment (mathematics)Interactive kioskMusical ensembleComputer animation
Matrix (mathematics)Default (computer science)Client (computing)Subject indexingSynchronizationError messageEncryptionIdentity managementFormal verificationAndroid (robot)Vector spaceChemical equationMenu (computing)Sign (mathematics)Right angleSoftware developeroutputWeb 2.0Random matrixWindowMultiplication signArithmetic meanDifferent (Kate Ryan album)Address spaceCodeServer (computing)Computer animationSource code
PasswordDataflowMessage passingKey (cryptography)Default (computer science)EncryptionQuadrilateralFormal verificationData recoveryBitBackupData storage deviceLine (geometry)Disk read-and-write headCodeCASE <Informatik>Sign (mathematics)Computer animation
WebcamWeb 2.0QR codeEvent horizonCoefficient of determinationBranch (computer science)Right angleEncryptionSparse matrixFreezingService (economics)Computer animation
Hill differential equationGraphical user interfaceMathematical analysisPasswordImage registrationAndroid (robot)Goodness of fitProcess (computing)Cartesian coordinate systemRight angleComputer animationProgram flowchart
DreizehnBeta functionInformation securityExecution unitEncryptionMaize2 (number)QR codeAndroid (robot)CodeCartesian coordinate systemWritingComputer animationProgram flowchart
Information securityCodeMultiplication signMobile WebComputer animationProgram flowchart
Default (computer science)EncryptionAndroid (robot)Matrix (mathematics)Menu (computing)Software bugWeb 2.0Data storage device1 (number)Server (computing)Sign (mathematics)Right angleEvent horizonFormal verificationGoodness of fitComputer animationProgram flowchart
Formal verificationMatrix (mathematics)QR codeSubsetSharewarePhysicalismReal number
Multiplication signOffice suiteMoment (mathematics)Public-key cryptographyExterior algebraQR codeSign (mathematics)Endliche ModelltheorieSound effectMatrix (mathematics)Computer animation
Matrix (mathematics)Model theoryTransport Layer SecurityServer (computing)Client (computing)Perfect groupConsistencyClient (computing)Matrix (mathematics)Natural numberDifferent (Kate Ryan album)ConsistencyControl flowMessage passingHeegaard splittingServer (computing)View (database)Moment (mathematics)Context awarenessArithmetic mean2 (number)Service (economics)Computer animation
Matrix (mathematics)Transport Layer SecurityToken ringBackupKey (cryptography)Server (computing)Client (computing)PasswordSpywareFormal verificationCodePlastikkarteMusical ensembleDatabaseMessage passingSocial engineering (security)Moment (mathematics)BackupPhysical systemToken ringClient (computing)Key (cryptography)Vector spaceProxy serverSharewarePasswordServer (computing)Social engineering (security)QR codeMultiplication signInformation securityAlgebraField (computer science)WordType theoryImpulse responseSoftware developerSimilarity (geometry)CodeFormal verificationSpywarePublic-key cryptographyMusical ensembleComputer animation
Matrix (mathematics)Server (computing)CodePlastikkarteFormal verificationMusical ensembleDatabaseMessage passingSocial engineering (security)Key (cryptography)BackupControl flowClient (computing)Data storage deviceGame theoryCodeFormal verificationRight angleMultiplication signQR codeMessage passingKey (cryptography)Sign (mathematics)Shooting methodDressing (medical)Ultraviolet photoelectron spectroscopyEndliche ModelltheorieCASE <Informatik>Data storage deviceClient (computing)Web 2.0Pulse (signal processing)Information securityFreezingTouchscreenForcing (mathematics)Computing platformGame theoryServer (computing)Computer animation
CryptographyEncryptionMatrix (mathematics)Maximum length sequenceInformation securityKolmogorov complexityNetwork topologyPolygon meshGame theoryLikelihood functionVulnerability (computing)Term (mathematics)Bounded variationComplex (psychology)Matrix (mathematics)Computer animation
Matrix (mathematics)Canonical ensembleLoginCryptographyWeb 2.0Mobile appComplex (psychology)DataflowMultiplication signSoftware developerRight angleElectronic mailing listMatrix (mathematics)Point (geometry)Suite (music)Computer animation
Matrix (mathematics)NP-hardSoftwareTwitterFerry CorstenHand fanComputer animation
Matrix (mathematics)System administratorSelf-organizationInstance (computer science)WordSign (mathematics)Basis <Mathematik>NumberDataflowSocial classCASE <Informatik>Term (mathematics)AuthenticationLevel (video gaming)Web 2.0BitPlastikkartePublic-key cryptographyTouch typingQuadrilateralKey (cryptography)Limit (category theory)CurveComputer fileEnterprise architectureMatrix (mathematics)Sensitivity analysisSlide ruleSharewareCommunications protocolPhysical systemRule of inferenceCodeINTEGRALWhiteboardPerspective (visual)Computer animation
Matrix (mathematics)Communications protocolSoftware bugCASE <Informatik>Electronic mailing listFundamental theorem of algebraEncryptionMatrix (mathematics)Server (computing)Message passingVector spaceBackupQuadrilateralPlanningComputer networkFile formatFormal languageKey (cryptography)Replication (computing)Metric systemSynchronizationInformation securityPlastikkarteSign (mathematics)Content (media)BootingDataflowTheoryCloningProjective planeLevel (video gaming)Asynchronous Transfer ModeExtension (kinesiology)Line (geometry)Dynamical systemBitWaveCartesian coordinate systemProduct (business)Group actionCryptographySmartphoneInsertion lossTournament (medieval)OvalComputer animation
Matrix (mathematics)Client (computing)Matrix (mathematics)Semantics (computer science)Communications protocolCryptographyInformation securityDialectMessage passingCASE <Informatik>Event horizonCartesian coordinate systemGame theoryMultiplicationComputer animation
Matrix (mathematics)Line (geometry)Public domainBridging (networking)Matrix (mathematics)LaptopBitGame theoryBit rateEncryptionWeightComputer animation
Matrix (mathematics)Software bug1 (number)PseudonymizationDifferent (Kate Ryan album)Data conversionRemote procedure callFuzzy logicDegree (graph theory)Flow separationSign (mathematics)Information privacyElectronic mailing listWeb 2.0Term (mathematics)QuicksortMatrix (mathematics)Partition (number theory)Order (biology)MetadataLeakSystem administratorNetwork topologyServer (computing)CausalityMathematical analysisHeegaard splittingPersonal identification numberFaster-than-lightSoftwareReal numberClient (computing)Graph (mathematics)InformationComplete metric spaceInformation securityDirection (geometry)Cellular automatonOpen sourceArithmetic meanMusical ensembleUniform resource locatorWordPoint (geometry)Formal verificationComputer animation
Point cloudOpen sourcePresentation of a groupComputer animation
Transcript: English(auto-generated)