matrix-rust-sdk icon indicating copy to clipboard operation
matrix-rust-sdk copied to clipboard
verified publisher icon matrix-org

Messages sent from insecure devices can sometimes be decrypted when `Exclude Insecure Device` is on

Open BillCarsonFr opened this issue 7 months ago • 2 comments

I have enabled the option to Exclude insecure devices, and then some insecure messages suddenly appeared in the room. Notice that the message has the correct warning, but it should have fail to decrypt

Image

Here is the rageshake: https://github.com/element-hq/element-x-ios-rageshakes/issues/3881

This appear to be a case of backup vs late key race. The key is first received from (unauthenticated) backup, so the message is decrypted as a legacy message (gray shield). Then the late key is received, and then the proper "safety" of the key is determined. The verification state is updated but decryption is not reverted.

It is related to

  • "key upgrades" https://github.com/matrix-org/matrix-rust-sdk/issues/4698
  • Lack of authenticated backup

BillCarsonFr avatar May 28 '25 08:05 BillCarsonFr

We think this is tolerable until we fix it by implementing:

  • Authenticated backup, and
  • Storing SenderData in backups

andybalaam avatar Jun 02 '25 13:06 andybalaam

https://github.com/element-hq/element-internal/issues/589

https://github.com/matrix-org/matrix-spec-proposals/pull/4048

andybalaam avatar Jun 02 '25 13:06 andybalaam