E2E: Unwedge olm sessions broken due to duplicated OTKs #3818

Closed
manuroe opened this issue Nov 19, 2020 · 1 comment · Fixed by matrix-org/matrix-ios-sdk#951
Labels
A-E2EE T-Defect Something isn't working: bugs, crashes, hangs and other reported problems

manuroe commented Nov 19, 2020

Because of a wrong OTK uploaded to the server (#3721, #3817), devices may not be able to establish valid olm sessions between them.
The olm unwedge mechanism seems not to work in this case.

The scenario is:

  • Bob succeeds (unfortunately) to publish a duplicate OTK (badBobOTK)
  • Alice sends a message to Bob. She shares the new megolm key using a new olm session based on badBobOTK
  • Bob fails to start this inbound olm session (with error BAD_MESSAGE_KEY_ID)
  • Bob cannot get the megolm key for the olm message
  • Bob cannot decode Alice's message
  • All messages sent by Alice will be undecryptable for Bob. The olm session stays broken forever.
@manuroe manuroe added this to the Sprint 33 milestone Nov 19, 2020
@manuroe manuroe added T-Defect Something isn't working: bugs, crashes, hangs and other reported problems A-E2EE labels Nov 19, 2020
@manuroe manuroe self-assigned this Nov 19, 2020
manuroe commented Nov 20, 2020

The olm session unwedge mechanism does not work because it can retry using another bad OTK.

We are going to make the crypto module purge all its published OTKs in the next version to restart with a sane state.
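
A simplified model of the scenario and of the purge described above, added here as an example (not code from this issue, libolm, or matrix-ios-sdk). It assumes a bad OTK is one the server still hands out although the device holds no matching private key, abstracts away which side initiates the unwedge retry, and uses constructed key ids.

```python
# Simplified model, constructed for illustration; all key ids are made up.
# Assumption: a "bad" OTK is published on the server, but the device holds
# no matching private key for it.

class BadMessageKeyId(Exception):
    """Stands in for olm's BAD_MESSAGE_KEY_ID error."""

class Device:
    def __init__(self):
        self.private_otks = set()  # key ids whose private half is held locally
        self.server_pool = []      # key ids the server gives to claimers

    def publish(self, key_id, keep_private=True):
        self.server_pool.append(key_id)
        if keep_private:
            self.private_otks.add(key_id)

    def create_inbound_session(self, key_id):
        if key_id not in self.private_otks:
            raise BadMessageKeyId(key_id)
        self.private_otks.discard(key_id)  # an OTK is single use
        return "session:" + key_id

    def purge_and_republish(self, fresh_ids):
        """Drop every published OTK and restart from a clean state."""
        self.server_pool.clear()
        self.private_otks.clear()
        for key_id in fresh_ids:
            self.publish(key_id)

def establish_session(peer, max_attempts):
    """Claim one of peer's OTKs; each retry (the unwedge) claims another."""
    failed = []
    while peer.server_pool and len(failed) < max_attempts:
        key_id = peer.server_pool.pop(0)  # the server removes a claimed OTK
        try:
            return peer.create_inbound_session(key_id), failed
        except BadMessageKeyId as err:
            failed.append(str(err))
    return None, failed

def demo():
    bob = Device()
    bob.publish("badBobOTK", keep_private=False)
    bob.publish("badBobOTK2", keep_private=False)
    before = establish_session(bob, max_attempts=2)  # retry hits a bad OTK too
    bob.purge_and_republish(["freshOTK1", "freshOTK2"])
    after = establish_session(bob, max_attempts=2)
    return before, after
```

In this model the retry fails for the same reason as the first attempt as long as the published pool still contains bad entries, and succeeds on the first claim once the pool has been purged and refilled.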
