this post was submitted on 28 Sep 2022
22 points (100.0% liked)

Matrix

3284 readers
1 users here now

An open network for secure, decentralized communication

founded 4 years ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
[–] poVoq 4 points 2 years ago* (last edited 2 years ago) (1 children)

AFAIK they don't exist because OMEMO keys are device and not account specific, so this entire class of attack surface does not exist.

[–] jcast@mastodon.social 2 points 2 years ago (2 children)

@poVoq @sexy_peach

Isn't matrix also based on session keys?
I think the issue is more about how keys are shared between devices, and access to previous messages granted?

[–] poVoq 3 points 2 years ago

I am not an expert on the topic, but yes the key sharing seems to be the ultimate source of these issues.

[–] jcast@mastodon.social 1 points 2 years ago

@poVoq @sexy_peach

shared meaning cross-signed