How to do end to end encryption with elixir?

I want to develop chat app system with elixir like end to end encryption, but i want to learn is it possible to develop it with elixir is there any existing example repo for it?

1 Like

Elixir is a general purpose programming language, this is a program, yes it is possible. Elixir has encryption functions built in, so the essentials are all there.

I don’t know of any repo written to be a tutorial for such a system off the top of my head.

1 Like

Understand, how can i move, do have any advice?

I would suggest first understanding basic cryptography concepts and how end-to-end encryption is implemented in general (might be helpful to look at chat-specific usecases and examples). These are independent of any programming language.

Then try to implement these concepts yourself in Elixir. Erlang’s :crypto module or the Elixir wrapper ex_crypto might be useful here.


Thank you so much for your suggestion.

Do you have any suggestion for me like books or articles to learn that one?

Check out this cryptography concepts


“Schneier’s Law” might be a very good place to start.

tnx so much, appreiated

tn xso much, is there books for end to end encryption ?

super naive approach could be: have HTTP-based chat app, and on top of that, encrypt messages between parties using OpenPGP, or other asymmetric encryption system. you can take a look how works, but technical bits are not necessarily beginner-friendly.

i know it’s moderately useful, but i would like to reiterate what other colleagues wrote:

  1. be wary of dangers related to use of self-made “crypto-schemes” in the wild. even use of common libraries like OpenSSL is full of nasty pitfalls :slight_smile:

  2. wrap your head around basics. for example:

  • understand most common cipher modes. might be easier to start with block ciphers.
  • you can figure out how TLS works: TLS handshake, TLS session states…
  • take a look at books, like Applied Cryptography.
  1. implement client-server duo for TLS, to make it easier in PSK mode.

  2. finally, you can try something like encryption of the messages between web app and HTTP client, but at application layer. you can pick encryption mode which has property of message authentication (loosely related to opening paragraph of my reply).

none of that is really Elixir-specific, just random stuff you can take a look at. and again: poke around, but never use results of such attempts for anything serious. have fun! :slight_smile:

1 Like

Just to make sure we’re all on the same page, you’re asking these questions so that you can learn more for education purposes right? You aren’t part of a company where you’ve been tasked to build this without any support from someone who knows more about this are you?

Hey there,

so without shilling my company too much, we are building everything in Elixir and we do in fact have an end-to-end-encrypted chat system in our desktop, web and mobile apps for

The end-to-end-encryption part of that we have published open-source and I just pushed a package for it as well so you can use it as a library:

Super simple server sending 10 messages on connect:

# Server "example_server_interface" actually becomes a file with our private key
# This is the public address (like IPv4 but cryptographically)
address = DiodeClient.Base16.encode(DiodeClient.address())

{:ok, port} = DiodeClient.port_listen(5000)
spawn_link(fn ->
  IO.puts("server #{address} started")
  {:ok, ssl} = DiodeClient.port_accept(port)
  peer = DiodeClient.Port.peer(ssl)
  IO.puts("got a connection from #{Base.encode16(peer)}")
  :ssl.controlling_process(ssl, self())
  :ssl.setopts(ssl, [packet: :line, active: true])
  for x <- 1..10 do
    IO.puts("sending message #{x}")
    :ssl.send(ssl, "Hello #{Base.encode16(peer)} this is message #{x}\n")
  receive do
    {:ssl_closed, _ssl} -> IO.puts("closed!")

And here the client code:

  # Client: Below enter your server address
  server_address = "0x389eba94b330140579cdce1feb1a6e905ff876e6"

  spawn_link(fn ->
    {:ok, ssl} = DiodeClient.port_connect(server_address, 5000)
    :ssl.controlling_process(ssl, self())
    :ssl.setopts(ssl, [packet: :line, active: true])
    Enum.reduce_while(1..10, nil, fn _, _ ->
      receive do
        {:ssl, _ssl, msg} -> {:cont, IO.inspect(msg)}
        other -> {:halt, IO.inspect(other)}

You can run client and server anywhere on the planet, they will be routed automagically to each other. To use just include in your project

def deps do
    {:diode_client, "~> 1.0.0"}

The biggest thorn is that there are two nif based dependencies that will need a compiler on your system. So let me know if you run into any issues running the samples.



what amazing answer, tnx so os much appreciated for great answer :slight_smile:

1 Like

That might help :slight_smile:


tnx so so much, appreciated ur help :slight_smile:

I highly recommend you check out the enacl libary as well for handling your encryption. It’s “state-of-the-art” and makes working with the lower-level cryptographic functions safer/easier.

It’s how I’m securing the “end-to-end” parts of Metamorphic. I typically call it asymmetrically encrypted but the ideas are still the same: only the intended recipients can theoretically decrypt the data.

Then, there are great examples of how to implement the enacl library to share and update things: Badu per-user encryption part 1 (start at part 1 and work through all 4 parts).


I understand very well, it is looks great tnx so much, do have any books suggestions?

I don’t know of any Elixir related books on encryption or on building end-to-end encrypted systems with Elixir. I would have definitely wanted one when I was starting with Metamorphic.

I am planning to open source Metamorphic’s code for review/support and trust. That may help but maybe not because it’s written so specifically to my use case (and you probably write better code than me :joy:).

do have github repo any related about this topic