Remove Session from Instant Messaging

It doesn’t lack E2EE in the actual protocol at least. I’ll be honest though I don’t think Matrix belongs there, it’s basically just decentralized Discord but with optional E2EE. In fact E2EE by default should be a requirement as well.


Element has forward secrecy, it’s just that technically with a backup passphrase you’re able to restore your session keys.

If you chose to use no backup and you chose not to export your session keys I don’t see how that would be different. Olm is actually very similar to the Signal Protocol.

I wouldn’t do that until MLS is more mainstream because for large rooms in any messenger you’re always going to have issues with E2EE. We do have that requirement for 1:1 or “private” chats as it is assumed if something is private it’s meant to be private from anyone as opposed to public rooms that anyone can join.

One of the main concerns I have with Session is actual general activity within the project. It does seem things have dropped off.

Then of course a while ago there was this article which brought up some questionable points about the cryptography in general.

As far as Loki (and dVPNs) go I’ve never been a fan of these networks, they normally never have enough nodes to actually be seriously anonymous.

Basically because of the reasons I never supported the inclusion…

It doesn’t rotate keys per message, it’s per X messages. I don’t remember what X is, maybe 100?

It’s the Megolm key and it’s 100, as well as every 7 days.

Message events in a room are encrypted using Megolm, which is a combination of AES with a ratchet (state events are unencrypted). The ratchet is like a zip tie. It ticks forward by one step every time you encrypt a message with it. If you send someone a Megolm key at a specific ratchet position, they can decrypt all future messages with it. They can’t decrypt older messages with it. This makes encryption pretty efficient, since you only need to send the encryption key once to all people and they can decrypt future messages with it too. Now obviously if someone leaves the room, you don’t want them to be able to decrypt messages anymore, so in that case you create a new key. Similarly if 7 days passed or you used the key for 100 messages already, clients will also generate a new Megolm key. This means an attacker can’t just read all messages by compromising a single key.

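As an added illustration (not code from this thread or from the Matrix project), here is a simplified Python model of the behaviour described above: a one-way hash chain stands in for Megolm's ratchet, an HMAC keystream stands in for its AES-CBC/HMAC encryption, the sender rotates to a fresh key after 100 messages or 7 days, and a recipient can decrypt from the ratchet index at which it was given the key but nothing earlier. The class and function names, and the stand-in primitives, are assumptions made for the example.

```python
import hashlib, hmac, os

ROTATE_MSGS = 100             # rotate after 100 messages (per the thread) ...
ROTATE_SECS = 7 * 24 * 3600   # ... or after 7 days, whichever comes first

def advance(state: bytes) -> bytes:
    # one ratchet step; SHA-256 is one-way, so the previous state cannot be recovered
    return hashlib.sha256(b"ratchet-step" + state).digest()

def message_key(state: bytes) -> bytes:
    return hmac.new(state, b"message-key", hashlib.sha256).digest()

def xor_stream(key: bytes, data: bytes) -> bytes:
    # HMAC counter-mode keystream XOR: a stdlib stand-in for Megolm's AES-CBC + HMAC
    out = bytearray()
    for i in range(0, len(data), 32):
        block = hmac.new(key, i.to_bytes(4, "big"), hashlib.sha256).digest()
        out += bytes(a ^ b for a, b in zip(data[i:i + 32], block))
    return bytes(out)

class OutboundSession:
    # sender side: one ratchet per (room, device), replaced by a fresh one on rotation
    def __init__(self, now: float):
        self.session_id = os.urandom(8).hex()
        self.state, self.index, self.created = os.urandom(32), 0, now
    def needs_rotation(self, now: float) -> bool:
        return self.index >= ROTATE_MSGS or now - self.created >= ROTATE_SECS
    def share_key(self) -> tuple:
        # what each recipient receives (over Olm): session id, current index and state
        return (self.session_id, self.index, self.state)
    def encrypt(self, plaintext: bytes, now: float) -> tuple:
        if self.needs_rotation(now):
            self.__init__(now)  # fresh random key: previously shared keys no longer apply
        ct = (self.session_id, self.index, xor_stream(message_key(self.state), plaintext))
        self.state, self.index = advance(self.state), self.index + 1
        return ct

class InboundSession:
    # recipient side: can only ratchet forward from the index at which the key was shared
    def __init__(self, session_id: str, index: int, state: bytes):
        self.session_id, self.first_index, self.state = session_id, index, state
    def decrypt(self, session_id: str, index: int, ct: bytes) -> bytes:
        if session_id != self.session_id:
            raise ValueError("message is from a rotated session; its key was never shared")
        if index < self.first_index:
            raise ValueError("key was shared at a later ratchet position; cannot decrypt")
        s = self.state
        for _ in range(index - self.first_index):
            s = advance(s)
        return xor_stream(message_key(s), ct)
```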

Some clarification:

It can still be argued that SimpleX’s Tor integration is ineffective, as it is not enabled by default (“privacy by default”). In fact, it requires downloading Orbot.

Of course, SimpleX’s Tor integration is more of a courtesy compared to their Private Message Routing, which is enabled by default when sending to unknown relay servers.

There have of course been arguments between the “no identifiers” and “devolved mixnet” camps about the possibilities of traffic correlation when using PMR. But in the least, PMR is more of a “feature” than the Tor integration; the latter cannot be a point of comparison as long as Session has baked-in onion routing capabilities, to say nothing of comparing PMR and Session.

You don’t need an exit node to use Session (that’s not what these exit nodes are for).

The topic of Session vs. Lokinet vs. Tor is too long to cover here. But the lack of free Lokinet exit nodes means one thing only: that Lokinet is not widely used as a Tor alternative. It does not say anything about the effectiveness of the 2000+ service nodes currently powering Session & Lokinet.

Session’s nodes connect the Session clients with message storage swarms, file servers and Session Community servers without requiring a translation layer. This is thanks to the fact that all these services speak the Session onion routing protocol.