Closed sylvain101010 closed 1 year ago
There is no current plan to change the ciphers, but we wouldn't rule it out either. The current plan is to make e2ee usable and stable enough for regular use. We're also following the IETF's MLS effort and seeing if we can incorporate it into Matrix. If we do incorporate MLS into Matrix, it's likely that we would just use whatever ciphers it specifies, though it wouldn't be out of the question for us to make modifications if we felt that it was necessary.
MLS specifies several different ciphersuites that can be used. It requires implementations to implement X25519/AES-256-GCM/HMAC-SHA-256/Ed25519, but it also defines suites using X25519/ChaCha20-Poly1305/HMAC-SHA-256/Ed25519 and X448/ChaCha20-Poly1305/HMAC-SHA-512/Ed25519.
I'm going to go ahead and close this; as @uhoreg says, we have no immediate plans to change the ciphers used in olm and megolm.
Related issues include: https://github.com/matrix-org/matrix-spec/issues/1557, https://github.com/matrix-org/matrix-spec/issues/975, https://github.com/matrix-org/matrix-spec/issues/934.
Hi, I couldn't find an issue about this, so I'm opening this one.
OLM and MegOLM use old ciphers like AES-256-CBC, HMAC-SHA-256 which have a lot of drawbacks (like hard to review, vulnerable to hardware backdoors...). Is there any plan to use modern ciphers instead, like XChaCha20-Poly1305, blake2b and so on?