OMEMO

From HandWiki
Short description: Extension to XMPP for multi-client end-to-end encryption
Logo of OMEMO

OMEMO is an extension to the Extensible Messaging and Presence Protocol (XMPP) for multi-client end-to-end encryption developed by Andreas Straub. According to Straub, OMEMO uses the Double Ratchet Algorithm "to provide multi-end to multi-end encryption, allowing messages to be synchronized securely across multiple clients, even if some of them are offline".[1] The name "OMEMO" is a recursive acronym for "OMEMO Multi-End Message and Object Encryption". It is an open standard based on the Double Ratchet Algorithm and the Personal Eventing Protocol (PEP, XEP-0163).[2] OMEMO offers future and forward secrecy and deniability with message synchronization and offline delivery.

Features

In comparison with OTR, the OMEMO protocol offers many-to-many encrypted chat, offline messages queuing, forward secrecy, file transfer, verifiability and deniability at the cost of slightly larger message size overhead.[3]

History

The protocol was developed and first implemented by Andreas Straub as a Google Summer of Code project in 2015. The project's goal was to implement a double-ratchet-based multi-end to multi-end encryption scheme into an Android XMPP-based instant messaging client called Conversations. It was introduced in Conversations and submitted to the XMPP Standards Foundation (XSF) as a proposed XMPP Extension Protocol (XEP) in the autumn of 2015 and got accepted as XEP-0384 in December 2016.[1]

In July 2016, the ChatSecure project announced that they would implement OMEMO in the next releases. ChatSecure v4.0 supports OMEMO and was released on January 17, 2017.[4][5]

A first experimental release of an OMEMO plugin for the cross-platform XMPP client Gajim was made available on December 26, 2015.[6]

In June 2016, the non-profit computer security consultancy firm Radically Open Security published an analysis of the OMEMO protocol.[7]

Client support

Several notable clients support OMEMO, including:[8]

Library support

  • Smack supports OMEMO using the two modules smack-omemo and smack-omemo-signal[18]
  • XMPPFramework (macOS, iOS, tvOS) [19] supports OMEMO via the OMEMOModule extension [20] when used in conjunction with the SignalProtocol-ObjC library.[21]

References

  1. 1.0 1.1 "[Standards] NEW: XEP-0384 (OMEMO Encryption)". 2016-12-07. https://mail.jabber.org/pipermail/standards/2016-December/031712.html. 
  2. Daniel Gultsch. "OMEMO Multi-End Message and Object Encryption". https://conversations.im/omemo/. 
  3. "OMEMO Multi-End Message and Object Encryption" (in en). https://conversations.im/omemo/. 
  4. "ChatSecure iOS v3.2.3 - XMPP Push". 2016-07-25. https://chatsecure.org/blog/chatsecure-v323-xmpp-push/. 
  5. "ChatSecure v4.0 - OMEMO and Signal Protocol". 2017-01-17. https://chatsecure.org/blog/chatsecure-v4-released/. 
  6. Bahtiar Gadimov (2015-12-26). "Initial OMEMO commit". https://dev.gajim.org/gajim/gajim-plugins/commit/67d6ed441dc059a8b9a74dc3840711b2c8322d4e. 
  7. OMEMO: Cryptographic Analysis Report. June 2016
  8. "Are we OMEMO yet?" (in en-US). http://omemo.top/. 
  9. "ChatSecure v4.0 - OMEMO and Signal Protocol". 17 January 2017. https://chatsecure.org/blog/chatsecure-v4-released/. 
  10. Bahtiar Gadimov. "Omemogajimplugin · Wiki · gajim / gajim-plugins · GitLab". https://dev.gajim.org/gajim/gajim-plugins/wikis/OmemoGajimPlugin. 
  11. Developers, Gajim. "Gajim 1.8.0" (in en). https://gajim.org/post/2023-05-27-gajim-1.8.0-released/. 
  12. "End to end encryption in Movim - OMEMO is (finally) there!". https://mov.im/?node/pubsub.movim.eu/Movim/end-to-end-encryption-in-movim-omemo-is-finally-there-yudZPP/. 
  13. Vyacheslav Karpukhin. "OMEMO for Psi · GitHub". https://github.com/psi-im/plugins/tree/master/generic/omemoplugin. 
  14. Vyacheslav Karpukhin. "Psi+ snapshots". https://github.com/psi-plus/psi-plus-snapshots/tree/master/plugins/generic/omemoplugin. 
  15. Richard Bayerle. "lurch - OMEMO for libpurple". https://github.com/gkdr/lurch. 
  16. Olivier Mehani. "Lurch4Adium - OMEMO Xtra for Adium". https://github.com/shtrom/Lurch4Adium. 
  17. René Calles. "profanity-omemo-plugin: A Python plugin to use (axolotl / Signal Protocol) encryption for the profanity XMPP messenger". https://github.com/ReneVolution/profanity-omemo-plugin. 
  18. Schaub, Paul (6 June 2017). "Ignite Realtime Blog: Smack v4.2 Introduces OME... | Ignite Realtime" (in en). https://community.igniterealtime.org/blogs/ignite/2017/06/06/smack-v42-introduces-omemo-support. 
  19. "Robbiehanson/XMPPFramework". 26 October 2021. https://github.com/robbiehanson/XMPPFramework. 
  20. "Robbiehanson/XMPPFramework". 26 October 2021. https://github.com/robbiehanson/XMPPFramework/blob/master/Extensions/OMEMO/OMEMOModule.h. 
  21. "SignalProtocolObjC". 30 January 2021. https://github.com/ChatSecure/SignalProtocol-ObjC. 

External links