Skip to main content

ISG researchers discover vulnerabilities in Matrix protocol

Site search

ISG researchers discover vulnerabilities in Matrix protocol

  • Date28 September 2022

A team of cryptographers – Dan Jones and Martin Albrecht (Royal Holloway), Sofía Celi (Brave) and Benjamin Dowling (University of Sheffield) has found several, practically-exploitable cryptographic vulnerabilities in the end-to-end encryption provided by the popular Matrix protocol and its flagship client implementation Element.

Telegram

These attacks break the confidentiality and authentication of end-to-end encrypted messages against a malicious server and allow such a server to read user messages and to impersonate them to each other. The research paper (pre-print) is available online and a first set of countermeasures and mitigations has been released on Wednesday, 28 September by the Matrix developers.

Matrix is an open-source project that aims to provide secure, decentralised, real-time communication.While Matrix’ federated nature makes it difficult to assess how widely it is used, several notable organisations and institutions have adopted it or announced plans to do so. For example, both KDE and Mozilla announced plans to switch their internal communications to Matrix in 2019; the Fourth Estate announced its plans to build an encrypted messenger for journalists and news organisations based on Matrix in 2021; the French government announced plans to create their own instant messaging app – Tchap – based on Matrix which was released in 2019; the German ministry of defence launched BwMessenger – for use in internal, official (and classified) communication – based on Matrix in 2020 with a view to move over other parts of the German government; the German healthcare system announced its plans to adopt Matrix in 2021. In March 2021, matrix.org – the most popular Matrix server – announced that there are 28 million global visible accounts. The Element website claims +60M Matrix users.

The attacks work in the setting where encrypted messaging and verification are enabled, i.e. in the presence of the strongest protections offered by the protocol. A caveat worth noting is that if this condition is not satisfied, even for one device or user, then e.g. impersonation becomes trivial. While Element already supports the option of refusing to send messages to unverified devices, an option that is being extended in today's fixes, it does not reject messages from such devices. Thus, unless a client-side option is provided to reject all communication from unverified devices or rooms with such devices within them, Matrix clients will not provide a secure chat environment regardless of cryptographic guarantees provided for verified devices.

Dan Jones, a PhD candidate at Royal Holloway, University of London and the study's main author, commented: "While today's fixes are not complete, these are good first steps towards ensuring that Matrix lives up to its promises of confidentiality and authentication. The longer term plans communicated to us by the Matrix developers should then provide full protection against our attacks. Matrix occupies a unique position within the messaging space, providing an end-to-end encrypted federated messaging platform. We hope our work inspires others to scrutinise its security to ensure that potential further issues are found-and-fixed or ruled out early. Doing so will help to strengthen the platform and ensure its long-term viability."

 

More news

Browse all news

Study suggests that AI can detect your password from the sound of keys being pressed

24 Nov 2023

Artificial Intelligence can work out a password by listening to individual keystrokes on a person’s keyboard, according to new research co-authored by Dr Maryam Mehrnezhad from the ISG.

Dr Fauzia Idrees Abro recognised among Top 100 at Future CISO 100 Awards

23 Oct 2023

Dr Abro was one of only three winners from within the education sector

New conversion masters opens for January 2024 entry

03 Oct 2023

Our conversion course is ideal for students with little prior exposure to programming, machine learning or cyber security to prepare for a career in the data science and information security industry

Spring 2023 CDT Newsletter

24 Apr 2023

This edition summarises the last year of activities in our EPSRC Centre for Doctoral Training (CDT) in Cyber Security. There is a report from the CDT Director, several news updates, and articles from

Explore Royal Holloway

Scholarships

Get help paying for your studies at Royal Holloway through a range of scholarships and bursaries.

Clubs and societies

There are lots of exciting ways to get involved at Royal Holloway. Discover new interests and enjoy existing ones.

Accommodation

Heading to university is exciting. Finding the right place to live will get you off to a good start.

Support and wellbeing

Whether you need support with your health or practical advice on budgeting or finding part-time work, we can help.

Departments and schools

Discover more about our 21 departments and schools.

Research Excellence Framework

Find out why Royal Holloway is in the top 25% of UK universities for research rated ‘world-leading’ or ‘internationally excellent’.

Challenge-led research themes

Royal Holloway is a research intensive university and our academics collaborate across disciplines to achieve excellence.

Research institutes and centres

Discover world-class research at Royal Holloway.

Royal Holloway today

Discover more about who we are today, and our vision for the future.

Our history

Royal Holloway began as two pioneering colleges for the education of women in the 19th century, and their spirit lives on today.

Our alumni

We’ve played a role in thousands of careers, some of them particularly remarkable.

Governance

Find about our decision-making processes and the people who lead and manage Royal Holloway today.