I use Element as my Matrix client, but all of the Secure Backup and Cross-Signing buttons confuse me. Does anyone know the difference between pressing Reset instead of Delete Backup for the Secure Backup? Also, how does Cross-Signing share the same key with Secure Backup, or am I mixing something up?
Each message in the various rooms is encrypted individually with their own keys. These keys are derived from the session keys of the participants in each of the rooms. That’s a lot of keys.
If you wish to read these encrypted messages across multiple devices you’ll need to have the same keys on each of those devices (“sessions”) too.
One method to share the keys is for your sessions to “gossip” them between each other.
When you log out of a session, all its keys are deleted.
If you ever logged out of all your sessions at once, you’d lose access to all those keys and you’d never be able to decrypt your old messages again.
To mitigate that, you can create a key backup that is itself encrypted and stored on the server (Secure Backup). This allows you to download the stored keys from the server, restore them to your current device and rejoin the discussions again.
The Cross Signing process is the process used to authorise your new session and allows it to participate in the key-gossip function. By restoring the keys from the Secure Backup you’re implicitly signing-in your device and blessing it all at once.
(… as far as I understand it all. Someone with more in-depth knowledge will correct me, I’m sure)