Encrypting Matrix
Building a universal end-to-end encrypted communication ecosystem with Matrix and Olm
- Track: Security and Encryption
- Room: Janson
- Day: Sunday
- Start: 15:00
- End: 15:50
For the last 2 years the Matrix.org team has been working on libolm - a clean-room FOSS liberal-licensed (Apache) independent specification and implementation of the end-to-end encryption Double Ratchet Algorithm as popularised by Signal, WhatsApp, Facebook Messenger, Google Allo etc. As of November 2016 the spec and library is finally finished and being unleashed on the world, successfully audited by NCC Group, and is available as part of Matrix's client SDKs for Web, iOS & Android and apps that use them (e.g. Riot.im).
In this talk we will discuss Matrix's mission to be an open, global end-to-end-encrypted communications network - showing that it's possible to build open communication infrastructure which is both secure and decentralised (unlike the silos of Signal, Wire, etc); where users can own their data and pick who they trust to run their service. We'll show how you can use Matrix to securely defragment communities scattered over proprietary silos such as Slack, Telegram and Gitter, open silos like Rocket.Chat and MatterMost - whilst also bridging to IRC, XMPP and even SIP.
We'll also introduce the Megolm cryptographic ratchet - a new ratchet written by Matrix to tackle the specific problem of encrypting Matrix rooms, which may have thousands of users and require synchronised history over multiple devices (including new devices). Megolm is layered on top of the Olm ratchet, and is unusual in that it encrypts per-device rather than per-user, and lets rooms specify how much scrollback may be decrypted by new devices: providing a customisable trade-off between privacy and usability. This is a major step forwards from other systems which unilaterally prioritise privacy over usability.
Finally, we'll give a quick tour of all the FOSS clients, bots and bridges that the community has built on Matrix over the last year - ranging from native Qt clients (Quaternion, NaChat, Tensor), CLI apps (WeeChat), React webapps (Riot, Freebird) to Native mobile apps (Riot).
Matrix.org is a non-profit open source initiative dedicated to creating and maintaining the Matrix open standard for decentralised communication, whose goal is to create an open and secure ecosystem for interoperable messaging, VoIP and IoT communication on the internet.
Speakers
Matthew Hodgson |