Cryptographic Issues in Matrix's Rust Library Vodozemac
7 days ago
- #matrix
- #security
- #cryptography
- Matrix's Olm library had multiple side-channel vulnerabilities, which were not fixed despite disclosure.
- Matrix.org's security team failed to notify alternative clients about vulnerabilities and mishandled the disclosure process.
- Vodozemac, Matrix's Rust library, contains cryptographic vulnerabilities, including accepting the identity element as a Diffie-Hellman public key, which leaves the resulting shared secret with no security at all.
- Downgrade attacks from V2 to V1 in Vodozemac reduce security because V1 truncates HMAC outputs to 64 bits.
- Miscellaneous issues in Vodozemac include weak ECIES CheckCode, silent dropping of message keys, deterministic IV in pickle format, and disabled security checks under fuzzing.
- Matrix's cryptography work shows a lack of expertise, with repeated vulnerabilities found in both libolm and Vodozemac.
- Matrix's leadership has not shown humility or willingness to learn from past security issues.
- Audits of Matrix's cryptography have not led to sufficient improvements, with known issues remaining unaddressed.
- Matrix's security flaws make it a risky choice for secure communication, comparable to other poorly secured platforms like Twitter's X Chat.
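As an added example (not Vodozemac's code and not from the original post), the following minimal RFC 7748 X25519 ladder in pure Python shows the identity-element problem listed above: the all-zero u-coordinate encodes the identity/low-order point, every clamped scalar maps it to an all-zero shared secret, and the hardened variant rejects that output as RFC 7748 section 6.1 advises. Function names, the helper `accepts_peer_key` and the private keys used in the test are my own constructions; the base-point test vector is the "after one iteration" value from RFC 7748.

```python
import hmac

# Added example, not Vodozemac's code: RFC 7748 X25519 without and with the
# all-zero-output check that a DH implementation needs.
P = 2**255 - 19
A24 = 121665
BASEPOINT = bytes([9]) + bytes(31)

def _decode_scalar(k: bytes) -> int:
    k = bytearray(k)
    k[0] &= 248; k[31] &= 127; k[31] |= 64   # RFC 7748 clamping (multiple of 8)
    return int.from_bytes(k, "little")

def _decode_u(u: bytes) -> int:
    u = bytearray(u)
    u[31] &= 127                             # mask the unused high bit
    return int.from_bytes(u, "little") % P

def x25519_unchecked(k: bytes, u: bytes) -> bytes:
    """Montgomery ladder from RFC 7748; computes k*u with no validation at all."""
    kk, x1 = _decode_scalar(k), _decode_u(u)
    x2, z2, x3, z3, swap = 1, 0, x1, 1, 0
    for t in range(254, -1, -1):
        kt = (kk >> t) & 1
        swap ^= kt
        if swap:
            x2, x3, z2, z3 = x3, x2, z3, z2
        swap = kt
        a, b = (x2 + z2) % P, (x2 - z2) % P
        aa, bb = a * a % P, b * b % P
        e = (aa - bb) % P
        c, d = (x3 + z3) % P, (x3 - z3) % P
        da, cb = d * a % P, c * b % P
        x3, z3 = (da + cb) ** 2 % P, x1 * (da - cb) ** 2 % P
        x2, z2 = aa * bb % P, e * (aa + A24 * e) % P
    if swap:
        x2, x3, z2, z3 = x3, x2, z3, z2
    return (x2 * pow(z2, P - 2, P) % P).to_bytes(32, "little")

def x25519_checked(k: bytes, u: bytes) -> bytes:
    """Hardened variant: every low-order point (the identity included) yields an
    all-zero output, so one constant-time comparison rejects the whole class."""
    out = x25519_unchecked(k, u)
    if hmac.compare_digest(out, bytes(32)):
        raise ValueError("low-order or identity peer key: shared secret is all zeros")
    return out

def accepts_peer_key(k: bytes, u: bytes) -> bool:
    """True if the hardened exchange accepts u as a peer public key."""
    try:
        x25519_checked(k, u)
        return True
    except ValueError:
        return False
```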