Trust, but verify: introducing user verification
It’s been a while since we introduced End-to-End Encryption (E2EE) over two years ago. Back then we started with a simple model consisting of a passphrase everyone needed to type, and later migrated to a model with randomly generated keys per participant. Each has different characteristics, and we ultimately chose to stick with the latter. Today we are introducing a missing piece in the E2EE puzzle: user verification.
User verification was not previously possible in Jitsi Meet. Just like our core E2EE, we are basing our implementation on the Matrix protocol. Matrix’s libolm / vodozemac provide an implementation of the Short Authentication String (SAS) mechanism which developers can use. They even have great documentation on how it works, thanks Matrix!
So, how does it work?
First, you’d gather in a meeting and turn E2EE on.
Now you’ll see a new option for each participant in their tile menu that allows you to verify them:
After choosing to verify a user a dialog will open with a list of emojis:
Wait, what? Emoji? These emojis are the SAS. They have been carefully chosen to avoid ambiguity and make the process more user friendly than comparing random numbers. You can find more information in the Matrix spec. You must compare them verbally with the other participant: if they match, mark the user as verified; if they don’t, do not, since a mismatch is exactly what an attacker sitting between you would produce.
Once a user is verified this will be reflected in the user information tooltip:
At this point you can be sure that not only is your data encrypted end-to-end, but also that there is no man-in-the-middle (MITM) attack happening on the key exchange with that participant. The SAS is derived from the secret the two of you agreed on, so anyone who substituted their own keys into the exchange would end up with a different secret, and different emojis, on each side.
User verification is currently available in Jitsi Meet master and deployed in beta. It will be part of the next stable release, but expect more improvements, especially on the UX front.
We’d like to thank Robertas Maleckas (ETH Zurich), Prof. Kenny Paterson (ETH Zurich) and Prof. Martin Albrecht (Royal Holloway, University of London) for their work researching Jitsi Meet’s E2EE and encouragement, and Matrix for their tools, which make implementing E2EE a much better experience.
Please note that we still consider our E2EE experimental and are still working on improvements. Please make sure you check out our post on how end-to-end encryption in general does NOT offer a meaningful level of trust and protection when it comes to modern meetings services.
❤️ Your personal meetings team.