Backup E2E room keys
E2E Encryption, or End To End Encryption is a concept of encryption where the whole path between the sender and the receiver of the message is encrypted. This way, not even the provider of the communication service is able to intercept content of the communication of its users.
E2E Room keys
If you create an Element account it is recommended to download and safely store your E2E room keys. With these keys you can restore all your messages even if you have lost all your devices. Together with your account password, these keys are a full backup of your Element account.
It can be downloaded as a simple textfile that is protected by a password of your choice. You can then simply store the file in your Nextcloud drive, so that you never lose it.
To download your E2E room keys follow next steps:
- Open your Element app
- Go to Settings
- Go to Security & Privacy
- Look for the Cryptography section
- Click Export E2E room keys
- Enter a strong password (this should be different from your account password)
- Confirm the password and click Export
- Save the file on your device
Don't forget to put the file in a safe place!
If you ever need to recover your messages from a fresh login, repeat the steps above, but instead of Export E2E room keys, choose Import E2E room keys, browse for the file, enter your password and click Import.
A lot of times E2E is accomplished by generating two keys on each person's device, a private key and a public key. Before the two persons start the conversation, they give each other their public key.
- When the sender creates a new message, he/she encrypts the message with the public key of the intended receiver. Then the message is sent.
- When the receiver gets the new message, he/she decrypts the message with his/her private key. Now the receiver can read the message.
Since the sender encrypts the message with the public key for which only the receiver has the corresponding private key, it is impossible for someone without that private key to decipher the message, even if that someone was able to intercept it. Essentially, if you use E2E Encryption you avoid even the service operators from reading along.
There are (many) different technical implementations of this concept, like PGP (pretty good privacy, most used for email) and OTR (off the record messaging, known from XMPP). Also WhatsApp has E2E encryption, for which it uses the Signal protocol.
Element uses the Matrix protocol, which has E2E support built-in through a library called Olm, which is specifically built for encryption of large chatsrooms.