Cryptographic Issues in Matrix’s Rust Library Vodozemac
Summary
The article analyzes cryptographic flaws in Matrix's Rust library Vodozemac, detailing multiple vulnerabilities (identity-element issues in Diffie-Hellman, downgrade to V1, biased ECIES checks, deterministic IVs, fuzzing bypass, and optional strict Ed25519 verification). It discusses disclosure, patches, and the impact on Matrix users and clients, and argues for caution and better cryptographic practices in open-source security software.