End-to-End Encrypted Messages Over ActivityPub

One important pattern in social networking is end-to-end encryption for direct messages. This is a structure in which the native or Web clients encrypt the message on the user’s device, and no intermediate actor — neither user’s servers, nor any network node — can read the message.

This wasn’t a big part of our planning for ActivityPub when it was created, but it’s become more important. I think it’s possible to provide the functionality today.

For Activity Streams 2.0, you can set the mediaType property of a Note, Article, or other AS2 object. Using one of the encrypted text types — PGP/MIME or S/MIME or both — would make this pretty useful.

So an encrypted Note might look like:

  "@context": "https://www.w3.org/ns/activitystreams",
  "type": "Note",
  "mediaType": "multipart/encrypted",
  "summary": "This is an encrypted message.",
  "content": "<Unreadable encrypted content here>"

This might be a good start to making end-to-end encryption work.

For additional effort, we’d need the following:

  • How to encrypt binary attachments like an Image, Video, or other files. I think using inline content, with the same encryption type, might make sense, but could be too big for some JSON parsers to handle.
  • How to exchange keys between people in a conversation. I think a simple Offer activity with a public key object should manage the process pretty well.
  • Handling group conversations — adding people to a conversation, removing people from a conversation. I think this should be out of scope; many social messengers treat this as a different conversation.
  • How to handle the private keys — keeping them safe on the client, and sharing them to another client (probably with a QR code, like most encrypted messengers do).
  • Fallback representation. `summary` is the right thing to use here.
  • API. It’s probably easiest to do this with the ActivityPub API, but it’s not widely implemented.
  • Two interoperable implementations.

I hope that the SocialCG community group takes up this issue and comes out with a recommendation note.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s