End-to-end encryption
Element offers true end-to-end encrypted (E2EE) communication, meaning no one else can eavesdrop on your conversations, not even server admins. Element uses the best end-to-end encryption available today.
Encryption is kept friendly with features like secure key backup, which allows you to recover your encrypted data even if you lose or break a device. Advanced features like verification highlight if a user's account may be compromised.
Refer to the official documentation.
What is Key Backup?
When key backup is enabled, your device will maintain a secure copy of its keys on our server. To ensure those keys can only ever be accessed by you, they are encrypted on your device, either with a recovery key that you store in a safe place or secured with a passphrase, before they are uploaded to our server. It is important to understand that, to protect your privacy, your keys will never touch our systems unencrypted.
What is a 'device'?
For historical reasons, when we say 'device' we don't mean your phone or your laptop - you actually create a new 'device' each time you log in on Matrix (and destroy it again when you log out).
What does it mean to verify or trust a device in Element?
Element uses trust to represent an additional layer of security within the app, over and above username and password authentication.
If somebody is sending messages as Alice, we know that they have access to Alice's account - either they've logged in with Alice's username and password, or they're using a logged in session, perhaps on Alice's phone.
Usually, that somebody is going to be Alice. Unfortunately, in the real world, passwords can be guessed or sniffed and phones can be stolen. Element's trust mechanism is designed to mitigate this.
In Element, you can see every device that has joined an encrypted conversation. If a new and unexpected device joins, you can use device verification to check that it's really Alice. And if you suspect that a trusted device has fallen into the wrong hands, you can revoke that trust and remove its access to the ongoing encrypted conversation.
Key storage and Recovery Key
End-to-end encryption in Element has to manage many encryption keys. All these keys are stored securely on our server.
To do that, an additional secret, the Security Passphrase or Recovery Key, is required to encrypt the key storage.
We recommend keeping a copy of it somewhere secure, like a password manager or even a safe.
Important note: Should you lose your 'Recovery Key' and access to all your sessions, then your encrypted conversations could be lost! Not even server admins can help you in that case. 🙅
Refer to the official documentation for more information.
Resetting the server-side key backup
Possibly outdated: procedure in the Element blog.
Set up encryption
Refer to https://element.io/help#set-up-recovery.
Using end-to-end encryption
End-to-end encryption (e2ee) is enabled by default for new direct messages (DMs) and suggested (by default on) for new group conversations (rooms). Encryption on existing DMs or rooms will not be enabled automatically. To enable it go to Room Settings > Security & Privacy > Encryption and enable Encryption.
Verifying other users (optional)
Should you want to use e2ee with the highest possible security and privacy, you can verify other user accounts. This is best done over another secure communication channel, where you can be confident that you are verifying the correct person. The verification flow is similar to self-verification (see above). There should be a video available once the update is live.
To initiate it, select a Room > Members > Another user and click on Verify User.
What is new in Element 1.6.0 (cross-signing)?
Instead of verifying and trusting every device of your conversation partners, you only have to verify and trust the other persons (accounts); each person in turn verifies and trusts their own devices.
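A small model of that trust chain, as an added Go example that is not Element's or the Matrix SDK's code: Ed25519 keys stand in for the master, self-signing and user-signing keys, signatures are made over the raw public-key bytes (a simplification of the real signed-JSON format), and all key and device names are constructed. It shows why one verification per person is enough: once Alice has signed Bob's master key, every device Bob has signed himself is trusted, while an unsigned or tampered device is not.

```go
package main

import (
	"bytes"
	"crypto/ed25519"
	"fmt"
)

// Signature is one cross-signing attestation: the holder of Signer vouches for Subject.
type Signature struct{ Signer, Subject, Sig []byte }
// newKey generates a fresh Ed25519 pair; nil means crypto/rand is used.
func newKey() (ed25519.PublicKey, ed25519.PrivateKey) {
	pub, priv, _ := ed25519.GenerateKey(nil) // only a failing crypto/rand could return an error
	return pub, priv
}
func sign(signer ed25519.PrivateKey, subject ed25519.PublicKey) Signature {
	return Signature{signer.Public().(ed25519.PublicKey), subject, ed25519.Sign(signer, subject)}
}
// Trusted reports whether a chain of at most depth valid signatures leads from
// the verifier's own root key to target; a missing or invalid link breaks the chain.
func Trusted(root, target ed25519.PublicKey, sigs []Signature, depth int) bool {
	if bytes.Equal(root, target) {
		return true
	}
	for _, s := range sigs {
		if depth > 0 && bytes.Equal(s.Signer, root) && ed25519.Verify(s.Signer, s.Subject, s.Sig) &&
			Trusted(s.Subject, target, sigs, depth-1) {
			return true
		}
	}
	return false
}
// Scenario (constructed keys): Alice verified Bob once (her user-signing key signs Bob's master
// key); Bob verified his phone (his self-signing key signs it). From Alice's root key it returns
// whether Bob's phone, Bob's unsigned tablet, and the tablet with a tampered signature are trusted.
func Scenario() (phone, tablet, tampered bool) {
	aliceMaster, aliceMasterPriv := newKey()
	aliceUserSign, aliceUserSignPriv := newKey()
	bobMaster, bobMasterPriv := newKey()
	bobSelfSign, bobSelfSignPriv := newKey()
	bobPhone, _ := newKey()
	bobTablet, _ := newKey()
	sigs := []Signature{sign(aliceMasterPriv, aliceUserSign), sign(aliceUserSignPriv, bobMaster),
		sign(bobMasterPriv, bobSelfSign), sign(bobSelfSignPriv, bobPhone)}
	bad := sign(bobSelfSignPriv, bobTablet)
	bad.Sig[0] ^= 0xff // corrupt it: without Bob's self-signing key nobody can forge a valid one
	return Trusted(aliceMaster, bobPhone, sigs, 4), Trusted(aliceMaster, bobTablet, sigs, 4),
		Trusted(aliceMaster, bobTablet, append(sigs, bad), 4)
}
func main() { fmt.Println(Scenario()) }
```

Revoking trust in a device, as described in the section on verification, corresponds to dropping its signature from the chain, after which Trusted returns false for it again.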
With the update, new direct messages will be encrypted by default. Element will also suggest enabling encryption if you create a new private room. If you do not want that, just unselect Enable end-to-end encryption in the Create a private room dialog to turn encryption off. If the room to be created is intended to be a public room, do not use encryption. End-to-end encryption can never be disabled once it is enabled.