Proposal: Make primary user identity a public/private keypair #220
Comments
|
I'm extremely new to the Matrix community, but I am very excited by how promising it looks. As I was trying to get signed up, I was rather surprised that the primary identifier for an individual was not a public/private keypair. I've thought about this a bit---and looked at many of the other referenced discussions. There seems to be momentum in at least changing some elements of how identifiers work (e.g., element-hq/element-web/issues/5336). I think it'd be a real shame to follow through on these proposals without baking public key cryptography into Matrix identities. I think a chain-of-trust model should at least be considered. @Matrixcoffee's suggestion seems to be the right idea in spirit, but I'd also like to suggest a slight modification that should provide for significant additional security:
This approach provides the flexibility for users to decide how much security they want, the amount of convenience they are willing to sacrifice for it, and whom precisely they trust. The level of authentication provided in any e2e encrypted conversation could be presented in clients (e.g., was an intermediate key used to authenticate this e2e conversation). Then, people could then still use ephemeral sign-in techniques (like web-clients) without having to compromise security when they are using more well-trusted devices. It also opens the door for single-use passwords for time-limited conversations on poorly-trusted devices without permanently compromising one's Matrix identity. |
|
@aerusso we're experimenting with this right now as part of GDPR work (matrix-org/synapse#1941 (comment)). Amusingly we're even looking at introducing the same sigils - (~ for user IDs, and ^ for per-user-per-room IDs). The spec proposal is still a bit up in the air; we're trying to work out if we really need to do this as part of mxid anonymisation for GDPR first, but expect it to be shared shortly. |
turt2live
added
the
feature
turt2live
added
room-vNext
|
i think this has basically been superceded by matrix-org/matrix-spec-proposals#1228 and matrix-org/matrix-spec-proposals#3793. huge thanks to @Matrixcoffee for kicking off the discussion and being prescient by a few years tho :D Unsure whether to keep this open until matrix-org/matrix-spec-proposals#1228 and matrix-org/matrix-spec-proposals#3793 land or close as a dup... |
|
IIRC SILC used keypairs for identity as well |
|
I'm closing this as a dup. It's certainly a direction we want to go in, but hammering out the details is going to take a while. |
I'll just leave this here. There are some notes I quickly jotted into my phone. Let me know if there is interest in this, and I'll type something up that more closely resembles actual prose.
Related-To: #203 #63 #65
Replace user/pass with public key identity.
Every user is their key fingerprint.
Key is optionally and by default kept on the server, passphrased.
Client keeps a local copy of the key, if possible, allowing for account recovery in case server loses the key blob.
Server never sees the passphrase - private key is downloaded from the server by the client, decrypted with the passphrase, and used to sign in. (*Need some mechanism that prevents downloading all key blobs from HS, possibly use an alternative s2k algorithm on the passphrase to unlock download.)
Also clears the way for true account migration. (Link in spec leading nowhere #712)
On joining a room, send a BIND_HS message to bind the decentralized ID to the homeserver and local identity.
On migrating an account, the same BIND_HS can be sent to change the homeserver.
A given decentralized ID can only exist on one HS at a time (per room).
The e2e keys could be signed with the account key, providing a single identity for all a user's devices, including future devices.
The text was updated successfully, but these errors were encountered: