OMEMO

logo

OMEMO ( XEP- 0384) is an extension of the Extensible Messaging and Presence Protocol (XMPP, "Jabber") for multi- client - end-to-end encryption and was developed by Andreas Straub. OMEMO uses Olm, an implementation of the Signal protocol , for key management and to synchronize messages between multiple clients, even if some of them are offline . The name "OMEMO" is a recursive acronym for "OMEMO Multi-End Message and Object Encryption". OMEMO is also based on the Personal Eventing Protocol (PEP, XEP-0163) and provides perfect forward secrecy and credible deniability (eng. Plausible deniability ).

meaning

The most popular encryption solution for instant messaging , Off-the-Record Messaging (OTR), supports forward secrecy and credible deniability, but cannot be used when the communication partner is offline. OpenPGP supports offline messaging, but neither forward secrecy nor credible deniability. Olm and therefore also OMEMO support forward secrecy and credible deniability as well as offline messages.

In addition, the existing encryption solutions for instant messaging such as OTR were criticized for their lack of integration in the underlying chat protocol. Developers of Empathy , the official messenger of the desktop environment Gnome , cited this as a reason not to implement this often desired feature. With its integration into the chat log, OMEMO is an improvement in this regard.

history

The protocol was developed and implemented in 2015 by Andreas Straub as a Google Summer of Code project. The aim of the project was to implement an Axolotl -based multi-end-to-multi-end encryption scheme in an XMPP-based instant messaging client for Android, Conversations . It was introduced at Conversations in autumn 2015, proposed to the XMPP Standards Foundation (XSF) as the XMPP Extension Protocol (XEP) and accepted as XEP-0384 in December 2016.

Since September 2016, the OMEMO specification no longer uses the signal protocol, but the implementation Olm , which was specially written for the matrix network protocol .

In October 2015, the ChatSecure project announced that it would build its encrypting instant messenger on the Conversations core and work on OMEMO support for an iOS version. This OMEMO support has been officially available since January 2017.

A first experimental version of the OMEMO plug-in for the cross-platform XMPP client Gajim was released on December 26, 2015.

Client support

ChatSecure ( iOS )
Conversations ( Android )
Pix-Art Messenger (Android - Conversations Fork)
Dino ( Linux , OS X )
Gajim using a plugin ( BSD , Linux , Windows )
Profanity using experimental plugins ( BSD , Linux , Windows )
Pidgin and other libpurple clients using a plugin
Quicksy (Android - Conversations Spin-off with phone number as identifier)
Monal (iOS)
aTalk (Android, including video call function)

Server support

Servers do not need any special support for OMEMO because the contact list (roster, part of the XMPP core) and XEP-0163 (PEP) are sufficient.

Library support

Smack offers experimental support via the two modules smack-omemo + smack-omemo-signal

Web links

Individual evidence

^ Andreas Straub: OMEMO Encryption. In: Conversations Messenger Homepage. October 25, 2015, accessed January 16, 2020 .
↑ Daniel Gultsch: OMEMO Multi-End Message and Object Encryption. Retrieved November 23, 2015 .
↑ GPN16 - Axolotl explains - How does the crypto behind Signal and Whatsapp work
↑ OMEMO website , see section Feature Comparison, accessed on October 16, 2016
↑ US $ 621.42 bounty on Freedom Sponsors: Telepathy should support OTR encryption. FreedomSponsors, accessed January 19, 2016 .
↑ Eric Hopper: Empathy and OTR. Journal of Omnifarious, August 31, 2009, accessed January 18, 2016 .
^ [Standards] NEW: XEP-0384 (OMEMO Encryption). December 7, 2016, accessed December 23, 2016 .
↑ XEP-0384: OMEMO Encryption - Appendix H: Revision History. Retrieved January 22, 2017 .
↑ Chris Ballinger: ChatSecure, Conversations and Zom. ChatSecure, October 2, 2015, accessed January 19, 2016 .
↑ ^a ^b ChatSecure v4.0 - OMEMO and Signal Protocol. chatsecure.org, accessed January 17, 2017 .
↑ ^a ^b Gajim plugin for OMEMO Multi-End Message and Object Encryption. Retrieved January 24, 2017 .
↑ Dino - Modern Jabber / XMPP Client using GTK + / Vala .
↑ profanity-omemo-plugin. Retrieved January 22, 2017 .
↑ Richard Bayerle: amphibian - OMEMO for libpurple . Retrieved February 14, 2017.
↑ Paul Schaub: Ignite Realtime Blog: Smack v4.2 Introduces OME… | Ignite realtime. Retrieved July 11, 2017 .

[OMEMO-XEP-1] Andreas Straub: OMEMO Encryption. In: Conversations Messenger Homepage. October 25, 2015, accessed January 16, 2020 .

[OMEMO-home-2] Daniel Gultsch: OMEMO Multi-End Message and Object Encryption. Retrieved November 23, 2015 .

[3] GPN16 - Axolotl explains - How does the crypto behind Signal and Whatsapp work

[4] OMEMO website , see section Feature Comparison, accessed on October 16, 2016

[telepathy-bounty-5] US $ 621.42 bounty on Freedom Sponsors: Telepathy should support OTR encryption. FreedomSponsors, accessed January 19, 2016 .

[Omnifarious-6] Eric Hopper: Empathy and OTR. Journal of Omnifarious, August 31, 2009, accessed January 18, 2016 .

[omemo-new-xep-7] [Standards] NEW: XEP-0384 (OMEMO Encryption). December 7, 2016, accessed December 23, 2016 .

[XEP384v01-8] XEP-0384: OMEMO Encryption - Appendix H: Revision History. Retrieved January 22, 2017 .

[chatsecure-9] Chris Ballinger: ChatSecure, Conversations and Zom. ChatSecure, October 2, 2015, accessed January 19, 2016 .

[chatsecure40-10] ChatSecure v4.0 - OMEMO and Signal Protocol. chatsecure.org, accessed January 17, 2017 .

[gajim-omemo-11] Gajim plugin for OMEMO Multi-End Message and Object Encryption. Retrieved January 24, 2017 .

[12] Dino - Modern Jabber / XMPP Client using GTK + / Vala .

[13] profanity-omemo-plugin. Retrieved January 22, 2017 .

[lurch-14] Richard Bayerle: amphibian - OMEMO for libpurple . Retrieved February 14, 2017.

[15] Paul Schaub: Ignite Realtime Blog: Smack v4.2 Introduces OME… | Ignite realtime. Retrieved July 11, 2017 .