Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Modern encryption #597

Closed
sylvain101010 opened this issue Mar 14, 2020 · 3 comments
Closed

Modern encryption #597

sylvain101010 opened this issue Mar 14, 2020 · 3 comments
Labels
A-Client-Server Issues affecting the CS API A-E2EE Issues about end-to-end encryption enhancement A suggestion for a relatively simple improvement to the protocol

Comments

@sylvain101010
Copy link

Hi,
I couldn't find an issue about this, so I open this one.

OLM and MegOLM use old cipher like AES-256-CBC, HMAC-SHA-256 which have a lot of drawbacks (like hard to review, vulnerable to hardware backdoors...).

Is there any plan to use modern ciphers instead, like XChaCha20-Poly1305, blake2b and so on?
@turt2live turt2live added A-Client-Server Issues affecting the CS API A-E2EE Issues about end-to-end encryption enhancement A suggestion for a relatively simple improvement to the protocol question Further information is requested labels Mar 15, 2020
@uhoreg
Copy link
Member

uhoreg commented Mar 16, 2020

There is no current plan to change the ciphers, but we wouldn't rule it out either. The current plan is to make e2ee usable and stable enough for regular use. We're also following the IETF's MLS effort and seeing if we can incorporate it into Matrix. If we do incorporate MLS into Matrix, it's likely that we would just use whatever ciphers it specifies, though it wouldn't be out of the question for us to make modifications if we felt that it was necessary.

@uhoreg
Copy link
Member

uhoreg commented Nov 22, 2020

MLS specifies several different ciphersuites that can be used. It requires implementations to implement X25519/AES-256-GCM/HMAC-SHA-256/Ed25519, but it also defines suites using X25519/ChaCha20-Poly1305/HMAC-SHA-256/Ed25519 and X448/ChaCha20-Poly1305/HMAC-SHA-512/Ed25519.

@jtrees jtrees mentioned this issue Mar 1, 2022
Closed
@t3chguy t3chguy mentioned this issue Mar 1, 2022
Open
@richvdh richvdh transferred this issue from matrix-org/matrix-spec-proposals Mar 1, 2022
@richvdh richvdh removed the question Further information is requested label Mar 2, 2022
@richvdh
Copy link
Member

richvdh commented Jun 8, 2023

I'm going to go ahead and close this; as @uhoreg says, we have no immediate plans to change to change the ciphers used in olm and megolm.

Related issues include: #1557, #975, #934.

@richvdh richvdh closed this as completed Jun 8, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
A-Client-Server Issues affecting the CS API A-E2EE Issues about end-to-end encryption enhancement A suggestion for a relatively simple improvement to the protocol
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
4 participants
@uhoreg @turt2live @richvdh @sylvain101010