* Posts by martinralbrecht

1 publicly visible post • joined 29 Sep 2022

Matrix chat encryption sunk by five now-patched holes

martinralbrecht

Re: Shrug

We, the research team, were pretty clear that these were both implementation and protocol issues:

"""

Are these attacks design flaws in the Matrix specification?

We will explain this one by one by using the name of the attacks previously defined:

a. Simple confidentiality break: The root cause of this attack is the fact that room management messages are not authenticated, which is a design flaw in the protocol itself, as no mechanism was specified for authentication of such messages.

b. Attack against out-of-band verification: This attack exploits an insecure implementation choice enabled by a design flaw in the specification as there is no domain separation enforced there.

c. Semi-trusted impersonation: This is mostly an implementation bug supported by a lack of guidance on the processing of incoming key shares in the spec.

d. Trusted impersonation: This is an implementation error as no check is performed to check whether Olm is used for encryption or not.

e. Impersonation to confidentiality break: This is an implementation error as no check is performed to check whether Olm is used for encryption or not.

f. IND-CCA break: This theoretical attack exploits a protocol design flaw.

"""

https://nebuchadnezzar-megolm.github.io/