The developers of the open source Matrix messaging protocol will release an update Thursday to fix critical end-to-end encryption vulnerabilities that subvert the confidentiality and authentication guarantees that have been key to the platform’s meteoric rise.
Matrix is a sprawling ecosystem of proprietary and open source chat and collaboration clients and servers that are fully interoperable. The best-known app in this family is Element, a chat client for Windows, macOS, iOS, and Android, but there are a wide variety of other members as well.
Matrix aims to do for real-time communication what the SMTP standard does for email, which is to provide a federated protocol that allows users connected to different servers to exchange messages with each other. Unlike SMTP, however, Matrix offers strong end-to-end encryption, or E2EE, designed to ensure that messages cannot be forged and that only the senders and receivers of the messages can read their content.
Matthew Hodgson, co-founder and project lead of Matrix and CEO and CTO of Element, the maker of the flagship Element app, said in an email that, according to conservative estimates, there are about 69 million Matrix accounts spread across about 100,000 servers. The company currently sees around 2.5 million monthly active users on its Matrix.org server, though he said this is also likely an underestimate. Among the hundreds of organizations announcing plans to build internal messaging systems based on Matrix are Mozilla, KDE, and the governments of France and Germany.
On Wednesday, a team of researchers published research reporting a number of vulnerabilities that undermine Matrix’s authentication and confidentiality guarantees. All of the attacks described by the researchers require the help of a malicious or compromised home server that targets the users who connect to it. In some cases, there are ways for experienced users to detect that an attack is taking place.
Researchers privately reported the vulnerabilities to Matrix earlier this year and agreed to a coordinated disclosure scheduled for Matrix’s Wednesday release of updates addressing the most serious flaws.
“Our attacks allow a malicious server operator or someone who gains control of a Matrix server to read user messages and impersonate them,” the researchers wrote in an email. “Matrix aims to protect against such behavior by providing end-to-end encryption, but our attacks highlight design flaws in its protocol and flagship client implementation Element.”
Hodgson said he disagrees with the researchers’ assertion that some of the vulnerabilities reside in the Matrix protocol itself, saying they are all implementation bugs in the first generation of Matrix applications, which includes Element. He said that a newer generation of Matrix apps, including ElementX, Hydrogen and Third Room, are not affected. There is no indication that the vulnerabilities have ever been actively exploited, he added.