Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[NEW] Support for end to end encryption #10094

Merged
merged 98 commits into from
Sep 21, 2018
Merged

Conversation

mrinaldhar
Copy link
Contributor

@mrinaldhar mrinaldhar commented Mar 10, 2018

@RocketChat/core

Creating new package "RocketChat-e2e", that enables end-to-end encrypted chat conversations in Rocket.Chat.

(Previously PR #7181 , merged into new branch)

Package adds functionality for encrypted direct messaging, encrypted group conversations and encrypted file uploads.


Objectives completed:

  • E2E Encryption support for Direct messaging
  • E2E Encryption support for Private groups
  • Asynchronous encrypted chats
  • Synchronized encrypted chat history across user's devices

localhost_3000_group_secure laptop with hidpi screen 4
localhost_3000_group_secure laptop with hidpi screen 3
localhost_3000_group_secure laptop with hidpi screen 2
localhost_3000_group_secure laptop with hidpi screen 1
localhost_3000_group_secure laptop with hidpi screen

mrinaldhar added 30 commits June 7, 2017 14:57
@rodrigok rodrigok temporarily deployed to rocket-chat-pr-10094 September 20, 2018 23:32 Inactive
sampaiodiego
sampaiodiego previously approved these changes Sep 21, 2018
@sampaiodiego sampaiodiego merged commit 808619b into develop Sep 21, 2018
@sampaiodiego sampaiodiego deleted the end-to-end-encryption branch September 21, 2018 01:03
@immanuelfodor
Copy link

Guys, this seems to be a fantastic improvement, I have only one question though. "Synchronized encrypted chat history across user's devices" means that the mobile clients (eg. https://github.com/RocketChat/Rocket.Chat.Android) will support it if one upgrade their RC server? Or this feature is now only available in the browser view "across devices" and the mobile apps should implement this functionality on their own later?

@geekgonecrazy
Copy link
Contributor

geekgonecrazy commented Sep 21, 2018

@immanuelfodor right now this would be web/desktop only. I'm not sure what the timeline will be for mobile to implement. Probably will need to make sure the api's mature a bit and then they will implement.

@mrsimpson
Copy link
Collaborator

@geekgonecrazy @sampaiodiego

right now this would be web/desktop only

Most users will consider this a major bug. If you can't read messages on mobile which you sent on Desktop, the elementary job of Rocket.Chat "send a message" is jeopardized.

@rafaelks
Copy link
Contributor

@geekgonecrazy @rodrigok Is there any docs for the APIs? I couldn't find anything yet.

@rodrigok
Copy link
Member

@immanuelfodor @mrsimpson @rafaelks this is a beta version, I'll update with more details before the final release and it's disabled by default.

There is no docs yet since I still need to finish the REST Apis e some other stuffs.

@nielsk
Copy link

nielsk commented Sep 21, 2018

If it is not yet ready for mobile yet: will there be a possibility to send encrypted and unencrypted messages at the same time? Currently when there is an OTR-session running on the web-client or the desktop-app and you send then a message from a mobile client, the message won't turn up on the desktop except beneath the nick, in the nick-list in extended view. Thus the other side doesn't even see that it should turn off OTR for further communication.

@rodrigok
Copy link
Member

@nielsk yes, if some client send an unencrypted message that message will be shown to everyone, only messages sent with t: 'e2e' will pass through the decryption process.

@geekgonecrazy
Copy link
Contributor

@rocketchat/core should we update last message? Right now shows something like:
image

Not sure how to implement... something like this maybe?
dont-store-encrypted-message-last-message.patch.txt

It'd use the server language I think...

@rodrigok
Copy link
Member

@geekgonecrazy nice catch, since the client has the key we may decrypt the message and show it

@geekgonecrazy
Copy link
Contributor

This is true I forget about being able to decrypt it and just show it. If not too heavy on client that would work

This was referenced Sep 28, 2018
@exhuma
Copy link

exhuma commented Oct 22, 2018

Given that this has been merged and is officially released now, is there any timeline when we can expect this to hit the mobile clients?

We currently use rchat as an in-company self-hosted messaging solution and privacy is important. For this reason we have disabled notification content on mobile devices (as notifications pass through a 3rd party). Not having notification content on the mobile client is a major disadvantage and main pain-point of users.

E2E encryption really is a huge feature. But not having this available on mobile is a major blocking point for adopting this!

@rafaelks
Copy link
Contributor

@exhuma This is in our roadmap already, we'll be working on E2E for the next release for iOS and Android, you can expect something by later November.

@hypery2k
Copy link
Contributor

hypery2k commented Nov 6, 2018

@rafaelks Is there an issue to track?

@rafaelks
Copy link
Contributor

rafaelks commented Nov 6, 2018

@hypery2k Yes...

Android: RocketChat/Rocket.Chat.Android#566
iOS: RocketChat/Rocket.Chat.iOS#964

@theorenck theorenck removed this from the Short-term milestone Dec 12, 2018
@lorek123
Copy link

and encrypted file uploads.
Are you going to add support for this? This can be confusing for users who thinks ALL communication is fully e2e encrypted

@codenoid
Copy link

rocket should be support e2e file uploads-downloads

@lorek123
Copy link

Matrix is implementing e2e for file sharing in this way: https://matrix.org/docs/guides/e2e_implementation.html#encrypted-attachments
https://matrix.org/docs/spec/client_server/r0.4.0.html#sending-encrypted-attachments
Maybe this is a way to implement this in rocketchat too.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.