Matrix is an ambitious project to build a open decentralised real-time communication network; providing an open standard protocol and open source reference implementations, letting anyone and everyone spin up a Matrix server and retake control of their real-time communication. Matrix is looked after by the non-profit Matrix.org Foundation, and as of Oct 2019 we have over 11.5M addressable users and around 40K servers on the public network.
Over the course of 2019 we spent a huge amount of time finalising Matrix's end-to-end encryption so we could finally turn it on by default without compromising any of the behaviour users had grown accustomed to in non-encrypted rooms. Specifically, the main remaining blockers were:
Ability to search in E2E encrypted rooms (now solved by Seshat: a Rust-based full-text-search engine embedded into Matrix clients)
Ability to get compatibility with non-E2E clients, bots and bridges (now solved by pantalaimon: a daemon which offloads E2E encryption)
Reworking the whole encryption UI to expose cross-signing to radically simplify key verification (including QR-code scanning for simplicity)
Ability to receive notifications in E2E encrypted rooms.
However, we have finally got there, and this talk will demonstrate how the final E2EE implementation works; the final problems we had to solve; the threat model we have implemented; and how we're doing on rolling it out across the whole network. More interestingly, we will then demonstrate a variety of attacks against the encryption (e.g. shoulder-surfing QR codes during device verification; MITMing TLS; acting as a malicious server implementation; global passive adversary) to demonstrate how well we handle them.