MSC3903: X25519 Elliptic-curve Diffie-Hellman ephemeral for establishing secure channel between two Matrix clients

[hughns]

Rendered

• Clients:
  • Element Web: Support sign in + E2EE set up using QR code implementing MSC3886, MSC3903 and MSC3906 matrix-js-sdk#2747
  • Element iOS: Add rendezvous service (MSC3886) and ECDH X25519 AES 256 based secure… element-hq/element-ios#6806
  • Element Android: Implement logic for sign in with QR element-hq/element-android#7369

[turt2live]

it sounds like this is duplicating Olm sessions over to-device? Early on in this proposal there should be something to address that.

[hughns]

Yes, acknowledged.

[hughns]

Well, no. It's actually that you could achieve this with to-device messaging instead.

[uhoreg]

MSC3886 vs to-device messaging is one thing, and I appreciate you creating a comparison of the two. But I think we still need a comparison between this and Olm. I think a natural question is why can't we just do Olm over MSC3886?

[turt2live]

this^

[hughns]

I concur that the feasibility of Olm over MSC3886 should be assessed.

[notramo]

This is horrible UX.

[notramo]

This is CRAPPY, HORRIBLE UX! WHY? Why another visual comparison, another “I don't get what should I do now.” moment for users? Matrix already has too much visual comparison in its UX.

You already have a secure channel by means of QR code. Utilize it well, so users don't have to compare checksums.

[uhoreg]

The QR code is only secure in the sense that you can be sure that its contents were generated by the device that you're trying to communicate with. But it is not secret, as it is sometimes possible that someone else can scan the QR code as well. So unless you have another step (in this case, a visual comparison) to verify that the other public key was transmitted correctly, you cannot be sure that the channel is secure.

[turt2live]

Like in #3886 (comment) , the author believes this is ready for FCP. The MSC appears to have conflicts with toDevice messaging though, so to get a slightly different review tone I'm putting this in technical review needed.

This doesn't mean the MSC isn't ready for FCP, just that the review given should be more useful to handle.

@matrix-org/spec-core-team please review this for technical design.

[hughns]

There has been more engagement in the topic of to-device messaging in #3886 so I have consolidated the notes and discussion onto that proposal so that they can be worked through more easily.

[uhoreg]

The info should be different, otherwise the checksum will leak bits of the encryption key. You can prepend the info with checksum|.

[dkasak]

Yep. As it stands, this looks like a gaping hole.

[uhoreg]

Suggested change

	**1c.** The initiator shares it's key with the recipient via a trusted medium
	**1c.** The initiator shares its key with the recipient via a trusted medium

[uhoreg]

MSC3886 vs to-device messaging is one thing, and I appreciate you creating a comparison of the two. But I think we still need a comparison between this and Olm. I think a natural question is why can't we just do Olm over MSC3886?

[uhoreg]

I don't think that this protects against replay attacks. That might be OK if the thing built on top of it can detect if a message is replayed (e.g. if messages have a definite order, so a replayed message would be flagged as being out of place), but I think it should be mentioned.

[turt2live]

this^

[turt2live]

nit: please use markdown's built-in numbering/bullet system

[dkasak]

The reference to MSC3906 should be clarified by stating what kind of relationship it has with this MSC.

Suggested change

	In [MSC3906](https://github.com/matrix-org/matrix-spec-proposals/pull/3906) a
	proposal is made to allow a user to login on a new device using an existing
	device by means of scanning a QR code.
	[MSC3886](https://github.com/matrix-org/matrix-spec-proposals/pull/3886) already
	proposes a simple unsecured rendezvous protocol.
	In this proposal we build a secure layer on top of MSC3886 to allow for trusted
	out-of-bands communication between two Matrix clients.
	In [MSC3906](https://github.com/matrix-org/matrix-spec-proposals/pull/3906) a
	proposal is made to allow a user to login on a new device using an existing
	device by means of scanning a QR code, followed by exchanging some messages over
	a secure channel.
	[MSC3886](https://github.com/matrix-org/matrix-spec-proposals/pull/3886) already
	proposes a simple unsecured rendezvous protocol.
	In this proposal we build a secure layer on top of MSC3886 to allow for trusted
	out-of-bands communication between two Matrix clients, which satisfies the
	requirements of MSC3906.

[dkasak]

Suggested change

	The proposal is to use X25519 to agree a shared secret that is then used to
	perform AES.
	The proposal is to use X25519 to agree on a shared secret that is then used to
	perform AES.

[dkasak]

Suggested change

	**1a.** The initiator generates a ephemeral Curve25519 private key `privateA`.
	**1a.** The initiator generates an ephemeral Curve25519 private key `privateA`.

[dkasak]

Suggested change

	public key `publicB` and shares is using the same structure of payload:
	public key `publicB` and shares it using the same structure of payload:

[dkasak]

This entire MSC is essentially re-specifying ECIES (some more resources: [1], [2]).

MIT-licensed ECIES implementations in Rust, Python, TypeScript and Golang available here.

[dkasak]

Suggested change

	devices have not directly exchanged keys with one another and are subject to a man-in-the-middle.
	devices have not directly exchanged keys with one another and are subject to a
	man-in-the-middle attack.

[dkasak]

Yep. As it stands, this looks like a gaping hole.

[hughns]

It is proposed that MSC4108 supersedes this MSC.

[hughns]

Closing this PR as #4108 is now ready for review.