Looks like they got a security analysis (definition is different from security audits).
1 Like
I’m going to drop some notes here as a lot of stuff is out of date.
I would recommend looking at Delta Chat as a messenger, not an email client. Let me walk through some of the previous comments that caught my eye:
This is an issue when you use legacy/classic email servers. If you use dedicated Chatmail servers this is not a problem. Chatmail servers do not allow any emails to be sent or received unless they’re encrypted. If you try to use Delta Chat with a normal email server you need to at least send each other one message in cleartext so the key exchange happens in the background. With Chatmail servers you cannot message anyone without using an invite link or QR code that gives you their public key.
This was actually a bug due to inverted logic on iOS. It was ignoring the notifications in some edge cases like recently switching away from the app and it wasn’t backgrounded by iOS yet.
Probably a bug long since fixed. I’ve never encountered this in the last 6 months of heavy testing.
That’s true for legacy PGP usage, but Delta Chat’s implementation doesn’t have this problem. Even the Subject field is encrypted.
Delta Chat protects most message metadata by putting the following information into the end-to-end encrypted part of messages:
* Subject line
* Group avatar and name
* MDN (read receipt) requests (Chat-Disposition-Notification-To)
* Disappearing message timer (Ephemeral-Timer)
* Chat-Group-Member-Removed, Chat-Group-Member-Added
* Secure-Join header containing secure join commands
* Notification about enabling location streaming
* WebRTC room URL
E-Mail servers do not get access to this protected metadata but they do see the message date as well as the message size, and, more importantly, the sender and receiver addresses. E-mail servers need receiver addresses to route and deliver messages to recipient’s devices.
source: https://delta.chat/en/help#message-metadataSince the creation of Chatmail servers they have been pushing people away from using regular email addresses with Delta Chat. Based on my discussions with the devs it will continue to be supported as it can still be useful in some situations, but the app and onboarding pushes you to use Chatmail servers.
I already covered the metadata. Rolling keys/PFS is not important for most people. Do you keep your chat history? Congratulations, PFS gives you no advantages. If your device is seized they still get all your messages. How many people ensure all their chats have disappearing messages? I want all my chats with friends and family to be secure, but I also want the history and to be able to search them. So what is PFS going to do for me? Nothing.
PFS is still important if you’re a target of a sophisticated State-funded attacker.
Compatibility with old PGP: technically true. Although it’s not vulnerable to EFAIL and DeltaChat will generate keys that are Ed25519/Curve25519 and use AES128 for the session keys. It’s technically possible for someone to manually import an ancient DES PGP key and use it via a normal email address. This is a pretty extreme scenario though.
Try Delta Chat again. It has in-chat apps now via WebXDC.org. It can do realtime p2p comms that bypasses the email servers. It’s fast. It has a quality client on all major platforms. It is open, permissionless, and federated. The Chatmail servers scrub metadata and logs. The Chatmail servers require significantly lower resources to host users than Matrix – even less than XMPP.
There are a lot of interesting things on the horizon such as making it possible to have it automatically register new random accounts on different Chatmail servers and rotate through them transparently. Your contacts and chat groups wouldn’t notice anything changed (a feature of AEAP), but it makes it very hard for adversaries to track you.
Try it again, but only with Chatmail servers. I think you’ll be pleased.
2 Likes
(had issues with new account limited on links)
example Chatmail servers:
- nine.testrun.org (their semi-official one they do all their R&D on)
- bcc.chat
- chat.feld.me
- tarpit.fun
- mailchat.pl
Keep in mind that the reason these work and aren’t a vector for spammers getting free email addresses is that you can’t send any email from a Chatmail server that isn’t encrypted, so open / automatic signups works perfectly fine. Spammers can try to register accounts but they’ll never be able to do anything with them.
For reference, the threat PFS protects against is passive MITMs collecting your encrypted network traffic to try and decrypt it later.
If you use Signal while a MITM stores all your network traffic, and you delete a message locally, and later your device is seized by that MITM operator, then that deleted message is still virtually unrecoverable.
If you use Delta Chat in this same scenario, the deleted message could be recovered by the MITM operator using your seized encryption keys to decrypt the past encrypted messages they had stored.
It’s theorized that the NSA regularly stores this data. Whether that’s true and whether other agencies/countries do this as well is not really for me to say, but I can see why it would be a concern to people.
PFS just adds a greater degree of assurance that your past messages can be secured if you choose to do so, nothing to do with message history or anything client-side (indeed Signal will soon allow synchronized message history). At the same time, I know plenty of people who enable Disappearing Messages by default, which is automatically applied to both sides of a conversation.
All this being said, I am pretty convinced that decentralization is more important to some people than the benefits of PFS above, so I’m not against looking at Chatmail servers either.