[Feature Request] End-to-end encryption support

[giordy]

I'm adding this feature request because I don't see end-to-end encryption mentioned among the not-yet-supported features.

Given the distributed nature of Matrix, with messages landing on N possible unknown servers it would be nice to have it.

[pravi]

If purple-olm is made a separate plugin, then xmpp/omemo can reuse it as well. see https://developer.pidgin.im/ticket/16801

[penguin42]

I've started doing some work on this, but slowly, so far seem to have uploaded the keys OK and I'm starting to receive d2d messages.
https://github.com/penguin42/purple-matrix/tree/crypto

[PeaceRebel]

Hello, I can with the project. It seems @penguin42 have already made some advances. If he doesn't work on this anymore, I can continue with it. But I may need somebody to mentor me. @pravi

[axelsimon]

If purple-olm is made a separate plugin, then xmpp/omemo can reuse it as well. see https://developer.pidgin.im/ticket/16801

OMEMO has, essentially, been resolved on Pidgin, thanks to the Lurch plugin:
https://github.com/gkdr/lurch

There might be some possible code reuse there.

[andreygursky]

@penguin42, thanks for your efforts! Is #70 a first step or already usable E2E support (perhaps with known limitations)?

[rodneyrod]

How's the progress on this coming along?

[ghost]

I see #70 has not been merged. It quite been a while.
@penguin42 I'm thinking what can I help, although I have no encryption development experience.

[richvdh]

I've merged #70. I believe it provides decryption support, but encryption is not yet supported.

[marcelvb]

Great work so far, but is there any idea if encryption is ever supported? I'm trying to use matrix using riot.im web, riot android app and bitlbee (via libpurple). All seem to have different level of support for encryption and verification and it's very complicated now if you want to use them together.

[darnir]

IMO, if you want to use encryption on the Matrix protocol, the reference Riot clients are your best bet. On all other clients encryption support is currently a hit-n-miss.

[zyphlar]

I just installed and tried receiving encrypted messages in two different encrypted chats, no dice (via Pidgin, Ubuntu). My messages come through unencrypted, but I can't see any other messages. Unencrypted chat rooms work fine.

[x10d]

There is no way to create a new channel without encryption, so now this end-to-end encryption has become a necessity.

[richvdh]

https://github.com/matrix-org/pantalaimon/ might help those wanting to use e2e in clients where support is incomplete

[t3chguy]

There is no way to create a new channel without encryption

In what?
Element lets you create unencrypted rooms
for DMs it'll enable E2EE only if both participants have E2EE keys uploaded.

[adabru]

I didn't get pantalaimon to work with pidgin (on Arch with swaywm). It worked with fractal though, another matrix client. Furthermore I couldn't find a way in element.io to disable encryption entirely. There is an option to have an unencrypted room during creation, but a room can't be unencrypted after it was encrypted. Furthermore I didn't find a way to unencrypt incoming DMs. Outgoing DMs are sent unencrypted all fine but I couldn't receive any messages.
So yeah, I'd agree with x10d, for me this plugin is sadly unusable in pidgin without e2ee. If you participate in encrypted matrix communication with pidgin, please let me know how you do that. In the meantime I'll probably use another specialized matrix client in parallel.

[x10d]

Yes, there is possibility to create a new channel without encryption - and this is only way to communicate with others.
With DM there's no way to use it with Pidgin. Instead of DM, I have to ask to create separate channel to get it work without E2EE.
I didn't get pantalaimon to work with pidgin, either.

[ghost]

Do we have any news on this? Currently I'm not even receiving encrypted 1-on-1 messages on Pidgin.

[jaakristioja]

It seems that encrypted messages are just dropped. Not even a notification about receiving an encrypted message. Nothing.

I only found out that I've been ignoring my manager after he e-mailed me after a number of days.

[x10d]

I can only agree. Nothing comes from matrix-server to me, if I'm on encrypted channel.
My messages are sent to matrix-server and there they are visible as unencrypted.
If someone says 'you must be doing something wrong' - please show your recipe to do it properly.

[richvdh]

See the update at https://github.com/matrix-org/purple-matrix/blob/master/README.md#update-20220411.

[marcelvb]

I'm using matrix with libpurple in bitlbee. Is there any alternative to libpurple?

[martinetd]

shameless plug if folks are still looking for a way of joining matrix through their beloved irc clients -- feel free to give https://github.com/martinetd/matrirc a try.
It's not perfect but the heavy lifting is done through the matrix rust sdk and has been working for a few years with e2e/queries/channels, so hopefully if people care about something that's not done yet it'll be easier than purple-matrix.

Sorry if this was out of line, feel free to remove this comment but I was discussing bridges with friends and got pointed at this issue, plus the note in the README saying this is unmaintained, figured it might interest more than my inner circle.

[mkf]

for emacs users, ement might be of interest. also relies on pantalaimon for e2ee. in some ways, it's closer to a less-specialized client than a barebones terminal TUI client.

(i btw intend to see about pidgin with this plugin here & pantalaimon soon, will report if it works)