Matrix: The future of communication is decentralised, secure and interoperable
4 likes2,366 views
The document outlines Matrix, a decentralized communication protocol aimed at creating a global, secure, and interoperable communication network. It emphasizes features like end-to-end encryption, group messaging, and the ability to bridge various communication silos while providing a range of client and server implementations. Additionally, it highlights the need for community involvement in running servers and feedback for further development.
![Basic 1:1 VoIP Matrix Signalling
Caller Callee
m.call.invite ----------->
m.call.candidate -------->
[more candidates events]
User answers call
<------ m.call.answer
[media flows]
<------ m.call.hangup
16](https://image.slidesharecdn.com/2016-11-14matrixtadsummit-161118133655/85/Matrix-The-future-of-communication-is-decentralised-secure-and-interoperable-16-320.jpg)
Matrix: The future of communication is decentralised, secure and interoperable
- 1. The future of communication is decentralised, secure and interoperable matthew@matrix.org http://www.matrix.org
- 2. A non-profit open standard for defragmenting communication
- 3. To create a global encrypted communication meta-network that bridges all the existing silos & liberates our communication to be controlled only by us.
- 6. No single party own your conversations – they are shared over all participants. 6
- 7. Matrix is for: Group Chat (and 1:1) WebRTC Signalling Bridging Comms Silos Internet of Things Data …and anything else which needs to pubsub persistent data to the world. 7
- 9. The Matrix Ecosystem The Matrix Specification (Client/Server API) client-sideserver-side Other Servers and Services Synapse (Reference Matrix Server) Matrix Application Services and Bridges Other Clients Matrix iOS Console MatrixKit (iOS) matrix-ios-sdk Matrix Web Console matrix- angular- sdk matrix-js-sdk Android Console matrix-android-sdk matrix- react- sdk
- 10. What do you get in the spec? • Decentralised conversation history (timeline and key-value stores) • Group Messaging • End-to-end Encryption (new!) • VoIP signalling for WebRTC • Server-side push notification rules • Server-side search • Read receipts, Typing Notifs, Presence • Synchronised read state and unread counts • Decentralised content repository • “Account data” for users per room 10
- 11. Clients • >30 matrix clients (that we know about) – Ranging from text UIs (Weechat, Emacs(!)) – …to desktop apps (Quaternion, NaChat, Pidgin) – …to glossy web and mobile clients (Riot) – …to protocol proxies (matrix-ircd) • Over 15 client-side SDKs: – Official: JS, React, iOS, Android – Semi-official: Python, Perl5, Go – Community: Erlang, Ruby, Lisp, Elixir, Haskell, Rust… 11
- 12. Home servers • Synapse:the original reference Matrix home serverimplementation. – 50K lines of Python/Twisted. – Some perf and maintainability challenges… • Ruma: Community project Rust implementation… early but promising! • Dendron: skeleton Golang reference impl – Wraps synapses, incrementally migrating endpoints • BulletTime (Go), Pallium (Go), jSynapse (Java) experiments from the community 12
- 13. What does it look like? https://riot.im 13
- 14. The client-server API To send a message: curl -XPOST -d '{"msgtype":"m.text", "body":"hello"}' "https://alice.com:8448/_matrix/client/api/v1/rooms/ROOM_ ID/send/m.room.message?access_token=ACCESS_TOKEN" { "event_id": "YUwRidLecu" } 14
- 15. The client-server API To set up a WebRTC call: curl -XPOST –d '{ "version": 0, "call_id": "12345”, "offer": { "type" : "offer”, "sdp" : "v=0rno=- 658458 2 IN IP4 127.0.0.1…" } }' "https://alice.com:8448/_matrix/client/api/v1/rooms/ROOM_ ID/send/m.call.invite?access_token=ACCESS_TOKEN" { "event_id": "ZruiCZBu” } 15
- 16. Basic 1:1 VoIP Matrix Signalling Caller Callee m.call.invite -----------> m.call.candidate --------> [more candidates events] User answers call <------ m.call.answer [media flows] <------ m.call.hangup 16
- 17. Bridges and Integrations Existing App Application Service 3rd party Server 3rd party Clients
- 18. Latest Bridges! • Official ones: – IRC – Slack – Gitter – Rocket.Chat – MatterMost – FreeSWITCH – Asterisk (Respoke) – libpurple • Community ones – Twitter – Telegram – Hangouts – Slack webhooks – Gitter (‘sidecar’) – ~8 IRC ones… – ~4 XMPP ones...
- 20. Community Status • Started out in Sept 2014 • Currently in very late beta • ~450K user accounts on the Matrix.org homeserver (many of these are bridged) • ~400K messages per day • ~50K rooms that Matrix.org participates in • ~1000 federated servers • ~50 companies building on Matrix 20
- 21. 21
- 22. 22
- 23. End to End Crypto with Olm 23 https://matrix.org/git/olm
- 24. End to End Encryption • 2 years in the making! • Based on Open Whisper Systems’ “Double Ratchet” alg as used in Signal etc. • Audited by NCC Group • Started final roll-out in Sept on Web • Launching next week on iOS & Android (on develop branches currently) • Supports per-target-device encryption • Supports flexible history privacy per-room. 24
- 25. Olm • Apache License C++11 implementation of Trevor Perrin / Moxie Marlinspike’s Double Ratchet, exposing a C API. • Supports encrypted asynchronous 1:1 communication. • “Megolm” layer adds group communication too. • 130KB x86-64 .so, or 208KB of asm.js 25
- 26. 26 Olm + Megolm C API Account • Keys Session • Initial Key Exchange Ratchet • Encrypt • Decrypt Crypto • Curve25519 • AES • SHA256 Megolm Group Ratchet
- 27. Alice Bob Alice and Bob both generate identity (I) & ephemeral (E) elliptic curve key pairs Initial Shared Secret (ISS) = ECDH(Ea, Ib) + ECDH(Ia, Eb) + ECDH(Ea, Eb) Discard Ea Derive chain key from ISS (HMAC) Derive message key (K0) from chain key (HMAC) Derive new chain key ß hash ratchet M0 = Message plaintext C0 = Authenticated Encryption of (M0, K0) Ra0 = generate random ratchet key pair Ja0 = incremental counter for each hash ratchet advancement Ia, Ea, Eb, Ra0, Ja0, C0 A Double ratchet. Kinda sorta.
- 28. Alice Bob Compute same Initial Shared Secret = ECDH(Ea, Ib) + ECDH(Ia, Eb) + ECDH(Ea, Eb) Compute same K0 M0 = Authenticated decryption of (C0, K0) To respond, B starts new ratchet chain: Rb1 = generate random ratchet key pair New Initial Shared Secret = ECDH(Ra0, Rb1) ß ECDH Ratchet C0 = Authenticated Encryption of (M, K0) Ra0 = generate random ratchet key Ja0 = incremental counter for each hash ratchet advancement Rb1, Jb1, C1 A Double ratchet. Kinda sorta.
- 29. 29 Alice Sending | Receiving MK CK RK CK MK -- -- -- -- -- ECDH(A0,B0) | | ECDH(A1,B0) + /| / | / + ECDH(A1,B1) CK-A1-B0 | | | MK-0 ----+ | | | CK-A1-B1 MK-1 ----+ | | | | +---- MK-0 MK-2 ----+ | | | +---- MK-1 ECDH(A2,B1) + /| / | / | CK-A2-B1 | | + ECDH(A2,B2) MK-0 ----+ CK-A2-B2 | +---- MK-0 | +---- MK-1
- 30. Group chat • Adds a 3rd type of ratchet: “Megolm”, used to encrypt group messages. • Establish 'normal' 1:1 ratchets between all participants in order to exchange the initial secret for the group ratchet. • All receivers share the same group ratchet state to decrypt the room. 30
- 31. Flexible privacy with Olm • Users can configure rooms to have: – No ratchet (i.e. no crypto) – Full PFS ratchet – Selective ratchet • Deliberately re-use ratchet keys to support paginating partial eras of history. • Up to participants to trigger the ratchet (e.g. when a member joins or leaves the room) – Per-message type ratchets? 31
- 32. • More hosted bridges, bots, services etc • Threading • Message tagging (e.g. “Like” support) • Group ACLs • File tagging and management • Decentralised identity • “Fixing spam” 32 Matrix: What’s coming up?
- 34. • We need people to try running their own servers and join the federation. • We need people to run gateways to their existing services • We need feedback on the APIs. • Consider native Matrix support for new apps • Follow @matrixdotorg and spread the word! 34