User Tools

Site Tools


End-to-end encryption

What is encryption?

Encryption means scrambling a message in such a way that only those knowing the secret key can unscramble it. We use encryption to keep your messages and files private.

What is end-to-end encryption?

End-to-end encryption means your messages and files are encrypted before they leave your device, and stay encrypted until they reach the other participants' devices. End-to-end encrypted messages can only be read by the participants in the conversation.

Who can read my messages?

Thanks to end-to-end encryption, your messages can only be read by the participants in the conversation and nobody else. This means your messages can't be read by anyone at New Vector, or by any other third party. It also means that if you lose your keys, you won't be able to read your messages either.

Why can't I read a message?

If you can't read a message it's because your device doesn't have the right key. If your device doesn't have the right key, there are three ways you might be able to get hold of the key: ‍ Restore all of your keys from key backup Request the specific key from another device via key share Upload keys from a manual backup (advanced)

What is Key Backup?

When key backup is enabled, your device will maintain a secure copy of its keys on our server. To ensure those keys can only ever be accessed by you, they are encrypted on your device, with a key that you either store yourself, or secure with a passphrase and upload to our server. It is important to understand that to protect your privacy your keys will never touch our systems unencrypted.

Is it safe to back up my encryption keys to your servers?

Yes. Your keys are encrypted before they are uploaded to our servers, so we never see them unencrypted.

How do I set up key backup?

Go to User Settings → Security & Privacy and click Start using Key Backup.

How do I restore from key backup?

Go to User Settings → Security & Privacy and click Restore from Backup.

How do I request the key from another device via key share?

When Riot sees a message it can't decrypt, it automatically asks your other devices if they have a copy of the necessary key. Keys will be shared automatically with trusted devices - if the device with the key hasn't trusted the device requesting the key, the device with the key will pop up a prompt asking you to confirm the key share manually.

What is a 'device'?

For historical reasons, when we say 'device' we don't mean your phone or your laptop - you actually create a new 'device' each time you log in on Matrix (and destroy it again when you log out).

What does it mean to verify or trust a device in Riot?

Riot uses trust to represent an additional layer of security within the app, over and above username and password authentication. ‍ If somebody is sending messages as Alice, we know that they have access to Alice's account - either they've logged in with Alice's username and password, or they're using a logged in session, perhaps on Alice's phone. ‍ Usually, that somebody is going to be Alice. Unfortunately, in the real world, passwords can be guessed or sniffed and phones can be stolen. Riot's trust mechanism is designed to mitigate this. ‍ In Riot, you can see every device that has joined an encrypted conversation. If a new and unexpected device joins, you can use device verification to check that it's really Alice. And if you suspect that a trusted device has fallen into the wrong hands, you can revoke that trust and remove its access to the ongoing encrypted conversation. ‍ Verifying every device is, alas, still time-consuming — we’re working hard on a solution to this.

Are all of my messages encrypted?

No, messages are only encrypted in rooms with encryption enabled. You can enable encryption by going to Room Settings.

Why can't I search in encrypted rooms?

The search feature looks through the database to find matching messages. When the messages are encrypted, we can't read the messages to check whether they match!We're working on a solution to this, but for now searching is not possible in encrypted rooms.

What does the red/green symbol mean at the top of the encrypted room?

If an encrypted room has a green symbol next to the the room name, it means your device trusts every other device in the room. This is the gold standard. ‍ If instead there is a red symbol next to the room name, it means one or more devices are untrusted. ‍ Verifying every device is, alas, still time-consuming — we’re working hard on a solution to this.

matrix/end-to-end.txt · Last modified: 2020/06/04 19:23 by brickshop