End-to-end encryption?


#1

Hello,

We’re considering Rocket.Chat as a replacement for Slack. I can’t quite tell if Rocket.Chat has end-to-end encryption. From what I’ve read, it seems that it does. https://www.slant.co/versus/1983/10600/~whatsapp_vs_rocket-chat
and
https://rocket.chat/2017/07/02/mrinal-dhar-developing-end-to-end-encryption-with-signal-protocol/

Can someone tell me for sure if this is the case? In other words, we’re looking to see if direct communication with another individual is secure. We would use Apache Virtualhost with a Let’s Encrypt cert as the reverse proxy to secure Rocket.Chat.

Thanks in advance!

Ryan


#2

In any DM you can click the key in the contextual bar to start an encrypted conversation. Messages are encrypted client side and only the other user can decrypt.

Upcoming I think this will be possible for private group chat as well.


#3

Good to know. Thanks, @aaron.ogle

I assume the basic peer-to-peer communication is encrypted, without the user needing to do anything special because all IMs go through the secure reverse-proxy. Right?


#4

Just to reiterate and make sure you understand what I’m saying. For DMs you have to go to:
Click OTR to start an encrypted session.

This of course requires your server be configured with SSL. Otherwise you can’t even have a secure handshake between the two.


#5

Makes sense. Thanks again, Aaron.


#6

Hey @aaron.ogle, I do not want to sound harsh but I think one should also mention that OTR in general works, yet has this critical bug (which, by the way, I think should be fixed ASAP - do you know the status of the GSoC OTR stuff/rewrite that seems to have been going on? Did something come out of that?)

Cheers
Thomas


#7

Ah yes… The file upload thing. I have yet to use e2e and send a file. I always use it for a quick conversation I don’t want to stick around. Like passing personal information needed to buy a plane ticket or something.

But yes it should warn that files aren’t encrypted. At least in the session start. This would be a matter of just changing the i18n string.

I don’t know the status of the new and improved version.


#8

Our implementation of End to End encryption has landed with 0.70.0. File encryption will be on the roadmap asap. It almost landed with file encryption but it was a bit too heavy so it had to be delayed.


#9

Our company would like to use RocketChat, but there is a security requirement, which is necessary:

  • E2E encryption in DM by default, with history preservation and search;

Would be great if you could add it, I am sure many companies could then on-board your solution.