In this thesis, we analyze the cryptography in Rocket.Chat’s end-to- end encryption protocol and uncover flaws in its current design. We show, among other things, that it provides no security if the server is actively malicious, that encrypted messages are not safe if the database is leaked, and that malicious privileged users can gain access to decrypted messages without being a room member and hijack user sessions
| Topic | Replies | Views | Activity | |
|---|---|---|---|---|
| Cryptography in the Wild: Analysing Jitsi Meet [2022] | 0 | 127 | August 19, 2024 | |
| Meet DAVE: Discord’s New End-to-End Encryption for Audio & Video | 11 | 1238 | September 25, 2024 | |
| Picocrypt is finally getting a security audit! | 21 | 1926 | December 19, 2024 | |
| How Secure Messaging Apps Leak Sensitive Data to Push Notification Services | 2 | 378 | July 18, 2024 | |
| Breaking Cryptography in the Wild: The Loose Ends of the Wire App | 3 | 383 | September 23, 2024 |
Massive organizations are monitoring your online activities. Privacy Guides is your central privacy and security resource to protect yourself online.
Privacy Guides is a non-profit, socially motivated website that provides information for protecting your data security and privacy.
We do not make money from recommending certain products, and we do not use affiliate links.