-
-
Notifications
You must be signed in to change notification settings - Fork 2k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Element Desktop: Duplicate message index #16428
Comments
I am seeing this behavior on the desktop client (windows 10) and the web client (running in Chrome), but messages which are failing to decrypt in the browser and the desktop app decrypt without issue on the Android client. |
I am experiencing this with the desktop client as well. Another symptom i have observed is a posted image will suddenly disappear on other devices. Refreshing the cache on those devices does not force the image to reappear. The disappearing image always preceeds the “duplicate message possible replay attack” error message. |
Another unable to decrypt with the errors from the log. 2021-02-11 19:26:23,893 - synapse.api.auth - 340 - WARNING - GET-4656 - Unrecognised access token - not in store. 2021-02-11 19:26:31,928 - synapse.http.server - 74 - INFO - GET-4679 - <SynapseRequest at 0x7f10c0982e20 method='GET' uri='/_matrix/client/r0/room_keys/version' clientproto='HTTP/1.0' site='8448'> SynapseError: 404 - No backup found |
I am able to reproduce. Sign in with web client. Synapse version Element-web 1.7.20 |
Saw this in normal group chat as well, out of the blue, and no pictures posted before it. It was a reply tho. on android it works fine |
Same problem here. Message on Andriod App is decrypted, on Desktop Client and iOS message is encrypted with |
@electricOzone if you clear the cache in your desktop client, the message will be decrypted there too. Just tested it with the Linux desktop client. Hmmm ... so there must be a difference to the Andriod client, which doesn't have this problem. |
The following clients are affected by this problem: Linux V 1.7.20, MAC V 1.7.21, iPad V 1.2.1. Clearing the cache decrypts the message on all clients. |
Cleaning cache does not decrypt message for me. I am using the latest version of element web. |
Clearing the cache in the web version does not work for me either. |
We also observe this issue, though I first thought this affected all other sessions other than the sending element iOS and I filed it there, see element-hq/element-ios#7376. See element-hq/element-ios#7376 (comment) for a video reproducing the error and following discussion that this might not be an element iOS issue. |
Observing the same issue. Occurs with Element on Windows, macOS, Linux, and Web. iOS appears fine. Clear cache resolved the most recent occurrence, however past messages that came through without issue are now presenting the issue when scrolling back. Occurs with BOTH users in both a direct message as well as a newly formed room. |
Same here! Mostly after the other party has sent a picture. Clearing cache does not solve it and it's happening with the same messages on all Desktop and Web sessions. See my comment in #25108 ... I think it is in fact not a key issue, but an Element-Web / Desktop issue where these messages are mistakenly interpreted as a "replay attack" (which they are in fact not). IOS and Android apps are all fine in these chats! Unfortunately this is open since 2 years and nobody seems to care about ... |
Same issue happening. reinstalled Element desktop and continues to produce errors even after reset/reload, and total reinstall & reverify. started suddenly today, using for years. |
I just got this error recently also.... Apparently, it was because of a duplicate message, the person I was talking with sent me screenshot which showed that the message that gave me that error above was an exact duplicate of the previous message right above it. Now I don't know if the chat glitched and created the duplicate message itself or if he had done it accidently. I'm using Element Desktop Element version: 1.10.10 |
Myself and a friend both have this issue on the exact same message. iOS shows fine, Android shows fine, element-web shows the duplicate message index error. |
Same problem, iOS shows the message fine, element-desktop is unable to decrypt
element-desktop:
|
It looks like the likely root cause of the most common scenario has been found in element-hq/element-ios#7499 In short, there are probably 3 separate problems that would be great to fix:
EDIT: Thinking about this more, the implementation of this check itself is broken. If the contents of the message are different, and it's encrypted with the right keys, the message is obviously not a replay attack and can only be a bug in the index. The index is included in the encrypted space of the message, and this check is there only to make sure someone isn't blindly replaying old messages, (see notes in the megolm spec). The risk being mitigated is if an attacker without the keys replays an old message (index + contents), an attacker is not able to send a message with a duplicate index and different content unless they have the keys. And if it was an attack, the attacker could just flood a room with these "Unable to decrypt" messages and render the room unusable in the client anyways, so this check is almost entirely useless as it's currently implemented in the Web client. iOS and Android Clients seem correct in ignoring these issues, and at most should display a warning. |
I think the broken usage of the share extension should be fixed first, not the relaxed handling of this error in mobile clients. I'm really happy, that all of my family uses android and ios apps and don't see this bug, that would lead to support requests and discussions about "never had problems with other messengers..." sigh [ beside: I'd like to have some -Wall feature like with gcc. All Warnings for tech persons and relaxed handling (and silent ignoring) of such errors for people who are not really interested in security at all. ] |
Closing in favour of #25108 element-hq/element-ios#7499 is the cause of the actual issue |
Note that this issue is S:Major and #25108 is S:Minor, so closing this one in favor of that has effectively demoted the issue. |
Description
Intermittently, messages are appearing with error:
** Unable to decrypt: Error: Duplicate message index, possible replay attack
. This doesn't always happen from a specific sender. Messages before and after the affected message generally appear correctly. ClickingRe-request encryption keys from your other sessions.
has no effect. This happens on all 3 of my Element Desktop sessions.In my case, these are not due to duplicate messages, they are due to actual messages from my contacts. I'm able to read these messages normally in Element Android. For reference, I set up all of my sessions by scanning the QR code with my Element Android session for verification. I have green shields with all contacts where this issue is occurring.
Steps to reproduce
** Unable to decrypt: Error: Duplicate message index, possible replay attack
Describe how what happens differs from what you expected.
Logs being sent: yes
Element Desktop:
Element Android:
Version information
The text was updated successfully, but these errors were encountered: