End to end encryption at Nextcloud Talk messages


I recently started using Nextcloud Talk with a self hosted installation.

Unfortunately E2E encryption is not available for the messages. They are stored in plain text at MariaDB…

Is there any way the messages to be encrypted, so even if someone accesses the database to be unable to read them?

Previously i was using Rocketchat, which had E2E encryption at the messages. Each user had to enable it at each private conversation. And at team chats, the admin of the chat had to enable it.

Short answer: No.

Longer answer: You have to secure and harden your server in a way that nobody can access the database who isn’t allowed to. In addition to that Full Disk Encryption can help in case someone gets physical access to the server. Or maybe you could use something like this…SQLCipher - Zetetic. ???

However, a zero knowledge solution, i.e. storing messages in such a way that even you as the server admin cannot access them, is not possible with Nextcloud Talk, as of today.

See also here… Allow server/client-side encryption of chats · Issue #1437 · nextcloud/spreed · GitHub