Security

Overview

Setting up end-to-end encryption (E2EE)

Messages in chats are always sent securely (end-to-end encrypted) without you having to set anything up. But if you don’t set up a so-called security key, you will eventually no longer be able to read these messages. If you don’t create a security key yourself, a temporary security key for encryption is automatically created and saved locally on your device (which is lost if, for example, the tab in the browser is closed). This setup (with E2EE) ensures that you have a permanent security key (that it is saved on the home server of the University of Wuppertal) and thus the messages are preserved.

Warning

It is strongly recommended to use key backup to avoid losing messages.

To begin creating a security key, there are several ways to get to the “Set up key backup” pop-up window:

  1. One would be to go to All Settings, then to Security and then under Encryption, click on Setup.
  2. When you log in with your Matrix account, before the chat interface opens, a pop-up window appears that allows you to set up key security.
  3. When the chat interface is open, there is a small pop-up window at the top left, which also allows you to set up key security.

Request to generate the security key or enter a security phrase Request to generate the security key or enter a security phrase

► There are two options here that lead to the same goal. You can either remember the security key yourself under Generate security key or you can create a password under Enter security phrase.

Verification of persons

The verification of persons is optional. It serves to verify whether this person is actually the person I think he or she is. The trustworthiness of the respective persons is documented digitally.

To start the verification, go to Room Info > People in the direct chat or room and click on the desired person. In the Profile that opens, click on Verify > Start Verification.

Menu for the person to be verified selected with the Verify button Menu for the person to be verified selected with the Verify button

Menu to start the verification Menu to start the verification

This verification should be done with the contact person by means of a comparison (e.g. verbally over the phone, in the same room or another medium). The comparison itself is done via emoji images or QR codes, which can look different depending on the device and icon pack. The translation of all interface elements into German is also not 100% available.

Emoji comparison to verify key exchange Emoji comparison to verify key exchange

Verification process was successful Verification process was successful

A detailed presentation of the topic can be found in this Matrix blog article.

Verification status

In the respective room rows, the following symbols indicate the status of the encryption and the associated verification:

Symbol for at least one non-verified person Symbol for at least one non-verified person

At least one person in the room has not yet been verified.

Icon for a verified person who has opened unverified sessions Icon for a verified person who has opened unverified sessions

There is at least one person in the room who has already been verified, but who has opened additional unverified sessions.

Symbol for all people in the room are verified Symbol for all people in the room are verified

Everyone in the room has been verified.