Matrix E2EE Threat Model
Stuff we protect against:

Adversary    Action    Mitigation

Malicious server admins (aka compromised servers):
  Who add malicious devices into your account to receive new messages for your account
  Who modify the /devices CS API to not report malicious devices on your account
  Who modify the human-visible metadata on the /devices CS API to camouflage malicious devices
  Who add malicious backups onto your account in order to intercept your keys
MITM HTTPS attacks
Data interception by a Global Passive Adversary (GPA)
DNS hijack / reuse attacks
Replay attacks
Unknown keyshare attacks
Attacks on backwards secrecy (i.e. being able to decrypt old messages based on a snapshot of current encryption state)
Interception/interference from cloned devices (e.g. restored from backups)
Attacks on deniability (e.g. cryptographically speaking, whilst the sender should be authenticated at the time of sending, there should not be proof in retrospect of their identity; for instance, it could have been a malicious server admin)
Timing side-channel attacks
Passive attacks on out-of-band verification (e.g. shoulder-surfing a QR code or bugging an OOB SAS code)

Stuff we don't try to protect against:

On-device attacks
Malicious/buggy clients
Metadata interception by a malicious server admin
Metadata interception by a GPA
Transcript consistency attacks
Attacks on forward secrecy (i.e. being able to decrypt new messages based on a snapshot of current encryption state)
Compromise of megolm keys (via interception on the client, or intercepting the recovery key/passphrase for an online/offline key backup)
Evil maid or rubber-hose attacks on megolm key backup keys/passphrases
Brute-force attacks on megolm key backups (offline & online)
Active attacks on out-of-band verification (e.g. using a speech synthesizer to fake a text auth comparison, or an attacker tricking you into showing a screenshot of a compromised QR code on your phone to fake a QR verification)