End-to-end Encryption (E2EE) over ActivityPub
-
End-to-end Encryption (E2EE) over ActivityPub
Encrypted direct messages supply the confidence that people need to connect with family, friends and colleagues privately over a social network. As part of the Summer of Protocols 2024, we explore the integration of end-to-end encryption (E2EE) into the ActivityPub protocol.
End-to-end Encryption (E2EE) over ActivityPub
Encrypted direct messages supply the confidence that people need to connect with family, friends and colleagues privately over a social network. As part of the Summer of Protocols 2024, we explore the integration of end-to-end encryption (E2EE) into the ActivityPub protocol. We conduct a review of encryption protocols and integration architectures, and selected Messaging Layer…
Social Web Foundation (socialwebfoundation.org)
#ActivityPub #E2EE #SocialWeb #Foundation #SocialWebFoundation #Encryption #Verschlüsselung #Sicherheit #Privatnachricht
@sozialwelten It's 2025 now, and there are no tangible results.
-
@sozialwelten It's 2025 now, and there are no tangible results.
@raucao It is also not a part of the official Mastodon Roadmap even though there are some open issues in the GitHub repository concerning E2EE.
I personally hope that it will get integrated into ActivityPub and/or Mastodon but for 2026 and 2027 I do not see any signs that there is anything remotely close to being published.
#E2EE #Issues #Github: https://github.com/mastodon/mastodon/issues?q=is%3Aissue%20state%3Aopen%20e2ee
#Mastodon #Public #Roadmap: https://joinmastodon.org/roadmap -
@raucao It is also not a part of the official Mastodon Roadmap even though there are some open issues in the GitHub repository concerning E2EE.
I personally hope that it will get integrated into ActivityPub and/or Mastodon but for 2026 and 2027 I do not see any signs that there is anything remotely close to being published.
#E2EE #Issues #Github: https://github.com/mastodon/mastodon/issues?q=is%3Aissue%20state%3Aopen%20e2ee
#Mastodon #Public #Roadmap: https://joinmastodon.org/roadmap@sozialwelten @raucao
I searched for some progress information, and found this: https://www.w3.org/2024/09/25-e2ee-minutes.html -
@sozialwelten @raucao
I searched for some progress information, and found this: https://www.w3.org/2024/09/25-e2ee-minutes.html@koteisaev @sozialwelten There is zero progress in that, just a few people discussing what anyone interested in E2EE already knows.
-
@koteisaev @sozialwelten There is zero progress in that, just a few people discussing what anyone interested in E2EE already knows.
@koteisaev @sozialwelten FWIW, since Nostr identities are based on key pairs by design, and its developers care a bit more about privacy, E2EE DMs are already being tested via an MLS-based protocol there:
GitHub - marmot-protocol/marmot: The Marmot Protocol is a messaging protocol that specifies how to do efficient end-to-end encrypted group messaging using Nostr's decentralized identity & relay network combined with the MLS Protocol.
The Marmot Protocol is a messaging protocol that specifies how to do efficient end-to-end encrypted group messaging using Nostr's decentralized identity & relay network combined with the MLS Protocol. - marmot-protocol/marmot
GitHub (github.com)
I think it's a shame that none of the large AP implementers are prioritizing this, because without user-owned keys, not just are DMs unencrypted, but there can be no true user sovereignty and account portability on the fediverse.
-
@koteisaev @sozialwelten FWIW, since Nostr identities are based on key pairs by design, and its developers care a bit more about privacy, E2EE DMs are already being tested via an MLS-based protocol there:
GitHub - marmot-protocol/marmot: The Marmot Protocol is a messaging protocol that specifies how to do efficient end-to-end encrypted group messaging using Nostr's decentralized identity & relay network combined with the MLS Protocol.
The Marmot Protocol is a messaging protocol that specifies how to do efficient end-to-end encrypted group messaging using Nostr's decentralized identity & relay network combined with the MLS Protocol. - marmot-protocol/marmot
GitHub (github.com)
I think it's a shame that none of the large AP implementers are prioritizing this, because without user-owned keys, not just are DMs unencrypted, but there can be no true user sovereignty and account portability on the fediverse.
@raucao @koteisaev @sozialwelten the problem is, as always, key management. nostr has the advantage that people are already comfortable with handling cryptographic keys. e2ee on AP doesn't make much sense if people don't own their keys. -
@raucao @koteisaev @sozialwelten the problem is, as always, key management. nostr has the advantage that people are already comfortable with handling cryptographic keys. e2ee on AP doesn't make much sense if people don't own their keys.
@lain @sozialwelten @koteisaev Yes.
-
@raucao @lain @sozialwelten @koteisaev FWIW, encryption with user-owned keys is on my roadmap. I don't want to start with MLS, though, it's too complex. The first prototype will likely encrypt messages with user's identity key, as described in https://codeberg.org/silverpill/feps/src/branch/main/0806/fep-0806.md
-
@raucao @lain @sozialwelten @koteisaev FWIW, encryption with user-owned keys is on my roadmap. I don't want to start with MLS, though, it's too complex. The first prototype will likely encrypt messages with user's identity key, as described in https://codeberg.org/silverpill/feps/src/branch/main/0806/fep-0806.md
@silverpill @lain @sozialwelten @koteisaev That could be the first step for anyone. Still better than sending unencrypted DMs around.
-
End-to-end Encryption (E2EE) over ActivityPub
Encrypted direct messages supply the confidence that people need to connect with family, friends and colleagues privately over a social network. As part of the Summer of Protocols 2024, we explore the integration of end-to-end encryption (E2EE) into the ActivityPub protocol.
End-to-end Encryption (E2EE) over ActivityPub
Encrypted direct messages supply the confidence that people need to connect with family, friends and colleagues privately over a social network. As part of the Summer of Protocols 2024, we explore the integration of end-to-end encryption (E2EE) into the ActivityPub protocol. We conduct a review of encryption protocols and integration architectures, and selected Messaging Layer…
Social Web Foundation (socialwebfoundation.org)
#ActivityPub #E2EE #SocialWeb #Foundation #SocialWebFoundation #Encryption #Verschlüsselung #Sicherheit #Privatnachricht
sozialwelten@ifwo.eu I apologize if my point of view may seem conservative and narrow-minded... but in my opinion, pushing for the integration of encrypted messaging into the Fediverse is not advisable. I believe the best solution is that of the Lemmy developers, who have created a button that allows two users with a Matrix account to communicate via software designed for secure communications.
-
@silverpill @lain @sozialwelten @koteisaev That could be the first step for anyone. Still better than sending unencrypted DMs around.
@raucao @silverpill @lain @sozialwelten @koteisaev the problem is not e2ee in itself. It's all the consequences: key management ux nightmare, no spam prevention from servers, no csam filter on servers, no search in server (client must download everything to index and search locally, good luck with mobile). I don't see a world where we have both e2ee and good usability
-
@raucao @silverpill @lain @sozialwelten @koteisaev the problem is not e2ee in itself. It's all the consequences: key management ux nightmare, no spam prevention from servers, no csam filter on servers, no search in server (client must download everything to index and search locally, good luck with mobile). I don't see a world where we have both e2ee and good usability
@lutindiscret @raucao @silverpill @lain @sozialwelten
I seen a good explainer (can't recall where) that systems either created for public communication (such as social media & activity pub) or for private communication (such as e2ee messengers). And them both don't mix well.
So attempt to stretch e2ee over fediverse will end mass usage of technical and social crutches and band-aids.
That explainer proposed to use email for direct messages (with PGP?), OR giving links pointing to e2ee messengers -
@lutindiscret @raucao @silverpill @lain @sozialwelten
I seen a good explainer (can't recall where) that systems either created for public communication (such as social media & activity pub) or for private communication (such as e2ee messengers). And them both don't mix well.
So attempt to stretch e2ee over fediverse will end mass usage of technical and social crutches and band-aids.
That explainer proposed to use email for direct messages (with PGP?), OR giving links pointing to e2ee messengers@koteisaev yes. Fediverse is designed to give everyone a megaphone. Some people want to use the megaphone to have private conversations. Quite a strange idea. Same for e2ee encrypted messengers some will use as a megaphone (making rooms with thousands people).
I agree a protocol between x people to automatically negociate a chatapp to dm would be cool. Or maybe integrate xmpp, there is a bluesky dm implementation based on matrix. Reuse may work best
-
@raucao @lain @sozialwelten @koteisaev FWIW, encryption with user-owned keys is on my roadmap. I don't want to start with MLS, though, it's too complex. The first prototype will likely encrypt messages with user's identity key, as described in https://codeberg.org/silverpill/feps/src/branch/main/0806/fep-0806.md
@silverpill @raucao @lain @sozialwelten @koteisaev
As a note, FEP-0806 is overly simplistic in that it has no forward secrecy.
As an easy improvement, if the sender also generates a per-message ephemeral X25519 keypair, you can do static-static + static-ephemeral KEX and get imperfect forward secrecy (no additional round trips required).
-
@koteisaev yes. Fediverse is designed to give everyone a megaphone. Some people want to use the megaphone to have private conversations. Quite a strange idea. Same for e2ee encrypted messengers some will use as a megaphone (making rooms with thousands people).
I agree a protocol between x people to automatically negociate a chatapp to dm would be cool. Or maybe integrate xmpp, there is a bluesky dm implementation based on matrix. Reuse may work best
@lutindiscret @koteisaev @raucao @lain @sozialwelten
>Fediverse is designed to give everyone a megaphone.
This is true for (micro)blogging platforms, but Fediverse is bigger than that. Some platforms are designed primarily for private communication (Hubzilla & co), and ActivityPub works very well for them.
>Or maybe integrate xmpp, there is a bluesky dm implementation based on matrix. Reuse may work best
It is easier to encrypt ActivityPub messages than to implement additional protocol like XMPP. We can reuse cryptographic libraries, though.
-
@silverpill @raucao @lain @sozialwelten @koteisaev
As a note, FEP-0806 is overly simplistic in that it has no forward secrecy.
As an easy improvement, if the sender also generates a per-message ephemeral X25519 keypair, you can do static-static + static-ephemeral KEX and get imperfect forward secrecy (no additional round trips required).
@greyarea @raucao @lain @sozialwelten @koteisaev Thank you for the advice. I need to start with something simple in order to learn how cryptography works. Then it will be replaced with a more secure scheme.
From what I learned so far, the core principle is pretty much the same in all modern encryption schemes, they differ in how shared symmetric key is generated. Is that correct?
