End-to-end encryption?


#1

Hello,

We’re considering Rocket.Chat as a replacement for Slack. I can’t quite tell if Rocket.Chat has end-to-end encryption. From what I’ve read, it seems that it does. https://www.slant.co/versus/1983/10600/~whatsapp_vs_rocket-chat
and
https://rocket.chat/2017/07/02/mrinal-dhar-developing-end-to-end-encryption-with-signal-protocol/

Can someone tell me for sure if this the case? In other words, we’re looking to see if direct communication with another individual is secure. We would use Apache Virtualhost with a Let’s Encrypt cert as the reverse proxy to secure Rocket.Chat.

Thanks in advance!

Ryan


#2

In any DM you can click the key in contextual bar to start encrypted conversation. Messages are encrypted client side and only the other user can decrypt.

Upcoming I think this will be possible for private group chat as well.


#3

Good to know. Thanks, @aaron.ogle

I assume the basic peer-to-peer communication is encrypted, without the user needing to do anything special because all IMs go through the secure reverse-proxy. Right?


#4

Just to re-iterate and make sure you understand what i’m saying. For DM’s you have to goto:
image
Click OTR to start an encrypted session.

This of course requires your server be configured with ssl. Otherwise you can’t even have a secure hand shake between the two.


#5

Makes sense. Thanks again, Aaron.


#6

Hey @aaron.ogle, I do not want to sound harsh but I think one should also mention, that OTR in general works, yet has this critical bug (which, by the way, I think should be fixed ASAP - do you know the status of the GSOC OTR sutff/rewrite that seems to have been going on? Did something come out of that?)

Cheers
Thomas


#7

Ah yes… The file upload thing. I have yet to use e2e and send a file. I always use for a quick conversation I don’t want to stick around. Like passing personal information needed to buy plane ticket or something.

But yes it should warn that files aren’t encrypted. At least in the session start. This would be a matter of just changing the i18n string.

I don’t know the status of the new and improved version.