Matrix and E2E-Encryption – or: how not to lose your messages

Posted on by Alturiak

(This posting has been translated from the german original)

As with all messengers taking end-to-end-encryption seriously (I’m looking at you, WhatsApp), you are responsible for managing your encryption keys when using matrix. In addition to your account password (the one you’re using to log in to the server), you’ve got to safeguard a secret granting you access to your end-to-end-encrypted messages. Fortunately, this is a lot more comfortable in the matrix-universe than with many other messengers.

TLDR: Not losing your messages in two steps

You’re not interested in the text below or it’s simply too long? Just follow these two steps:

  1. Activate Secure Backup in your Desktop-Client (Settings -> Security & Privacy)
  2. Save the Security Phrase or the Security Key in a way that you can reproduce them (password manager!)

Settings -> Security & Privacy should look like this:

Done. If you keep your Security Phrase / Security Key safe, you’ll be able to restore all encrypted messages anytime.

Why the hassle?

Should someone gain access to your account password or to the server (which is inevitable for your server admin), this someone would be able to log in to your account or access messages stored on the server but will not have access to your previously sent or received messages. End-to-end-encryption is enabled by default for all 1:1-chats and can optionally be activated for any room. Your input line will look as follows in e2e-encrypted rooms:

A little background: How does the encryption work?

Simply put, in end-to-end-encrypted rooms, session keys will be exchanged between all devices and changed regularly (once per week or when a new device is added to the room) – this is completely automated but is an important detail to keep in mind.

All of these session keys are initially stored by your existing clients only. Should you add another client to your account (e.g. on your phone or after reinstalling your system) and log into your matrix-account, this client will initially not have access to any previously sent or received encrypted messages:

Without a backup of your session keys, the message is gone forever. 😥

Fortunately, matrix does offer quite a few ways of backing up your keys:

  • your own clients may share keys with each other
  • the keys may be stored on the server (Secure Backup)
  • the keys can be exported in your client and imported into another client (Offline-Backup)

Sharing keys among your clients

This is the most simple way to share encryption keys. Whenever multiple of your clients are online and one of them has the keys to any given message, these keys will be shared among all clients. All your clients are able to access the messages.

For this to work, the clients need to have verified each other once. Recently, this has been solved by the so-called cross-signing. When logging in with a new client, it will prompt you to verify it from another of your clients by comparing a series of emoji on both clients. If they match, you’re all set.

Important: Only desktop-clients (not including browser-clients) keep your keys for a prolonged period of time. As the keys change regularly, browser- and mobile clients will usually not have all keys available and are therefore not able to share them with other clients. Running at least one installation of element-desktop and starting it regularly is highly recommended to make sure that one instance has all the keys available (as element-desktop offers search within encrypted rooms, it will regularly cache all messages and therefore all keys).

As this method is not 100% reliable for reasons mentioned above, additionally using one of the following method is recommended.

Storing your keys on the server: Secure Backup

To avoid having to manage your keys yourself and still have them available if none of your other clients are online, you can have the keys stored on the server.

Wait a minute. Won’t this mean that the server-admin is able to access encrypted messages? No, because your encryption keys are also secured with a passphrase (“Security Phrase”) only known to you – which you need to keep safe (password manager!). For this reason, your Security Phrase should obviously not be identical to your account password.

Usually, your client will prompt you to set up Secure Backup after your first login. In case you skipped it, you can do so at Settings -> Security & Privacy.

Without your Security Phrase, your Secure Backup is for the birds. In that case, you should reset your Secure Backup and reinitialize it with a new Security Phrase or Security Key (in element-desktop). Keep in mind: a Security Phrase you can remember is probably not secure. Please use a reasonably long passphrase (at least 16 characters, more is better), you’re keeping safe.

You might need to re-verify your other clients after resetting Secure Backup.

Finally, the result should look like this:

Security Key and Security Phrase

Alternatively to (or in combination with) your Security Phrase, you may also use a Security Key to secure your Secure Backup. The Security Key is a string of characters that is generated by your client, which you have to keep safe – just like your Security Phrase. It can be stored either as a file or as a string of characters (e.g. in your password manager).

Same as your Security Phrase, the Security Key can be used to restore your keys from Secure Backup. You can choose between using a Security Key and a Security Phrase when setting up Secure Backup:

In case you’re worried about having to come up with a secure Security Phrase on your own, just use the Security Keys. Other than that, both methods are equal.

Exporting and importing keys manually

Lastly, there is an offline-backup for your encryption keys. You can download your keys as a text file at Settings -> Security & Privacy -> Cryptography and save them somewhere accessible to you. This file will also be encrypted with a passphrase and without the passphrase, the file will be useless. So, please save the passphrase in your password manager.

As noted above, the encryption keys will change regularly, so you will need a recent export of your encryption keys to be able to restore recent messages. Exporting your keys is highly recommended before reinstalling your system, for example. Should you not wish to use the Secure Backup described above, please export your e2e room keys regularly and keep them safe and secure.

Feedback

I probably kept some parts too brief and probably incomprehensible to some. Please don’t hesitate to contact me in case of any questions, I’d be happy to improve this posting.

2 thoughts on “Matrix and E2E-Encryption – or: how not to lose your messages

  1. Pingback: Matrix und E2E-Encryption – oder: was muss ich tun, um keine Nachrichten zu verlieren – technoid
  2. Pingback: Tomáš's webnest: Matrix and E2E-Encryption – or: how not to lose your messages

Comments are closed.