OMEMO
OMEMO is an extension to the Extensible Messaging and Presence Protocol (XMPP) for multi-client end-to-end encryption developed by . According to Straub, OMEMO uses the Double Ratchet Algorithm "to provide multi-end to multi-end encryption, allowing messages to be synchronized securely across multiple clients, even if some of them are offline".[1] The name "OMEMO" is a recursive acronym for "OMEMO Multi-End Message and Object Encryption". It is an open standard based on the Double Ratchet Algorithm and the (PEP, XEP-0163).[2] OMEMO offers future and forward secrecy and deniability with message synchronization and offline delivery.
Features[]
In comparison with OTR, the OMEMO protocol offers many-to-many encrypted chat, offline messages queuing, forward secrecy, file transfer, verifiability and deniability at the cost of slightly larger message size overhead.[3]
History[]
The protocol was developed and first implemented by Andreas Straub as a Google Summer of Code project in 2015. The project's goal was to implement a double-ratchet-based multi-end to multi-end encryption scheme into an Android XMPP-based instant messaging client called Conversations. It was introduced in Conversations and submitted to the XMPP Standards Foundation (XSF) as a proposed (XEP) in the autumn of 2015 and got accepted as XEP-0384 in December 2016.[1]
In July 2016, the ChatSecure project announced that they would implement OMEMO in the next releases. ChatSecure v4.0 supports OMEMO and was released on January 17, 2017.[4][5]
A first experimental release of an OMEMO plugin for the cross-platform XMPP client Gajim was made available on December 26, 2015.[6]
In June 2016, the non-profit computer security consultancy firm Radically Open Security published an analysis of the OMEMO protocol.[7]
Client support[]
Selected clients supporting OMEMO (full list of clients also exists[8]):
- BeagleIM (macOS)[9]
- ChatSecure (iOS)[10]
- Conversations (Android)
- Converse.js (Browser-based)[11]
- Dino (Linux, macOS)[12]
- Gajim via official plugin (Linux, Windows, BSD)[13]
- (iOS)
- Movim (Browser-based)[14]
- Psi via official plugin (Linux, Windows, macOS)[15]
- Psi+ via official plugin (Linux, Windows, macOS, Haiku, FreeBSD)[16]
- libpurple clients such as Pidgin or Finch via experimental plugin [17]
- Adium via an Xtra based on the libpurple plugin[18]
- Profanity via experimental plugin (BSD, Linux, macOS, Windows)[19]
- SiskinIM (iOS)[9]
Library support[]
- Smack supports OMEMO using the two modules smack-omemo and smack-omemo-signal[20]
- XMPPFramework (macOS, iOS, tvOS) [21] supports OMEMO via the OMEMOModule extension [22] when used in conjunction with the SignalProtocol-ObjC library.[23]
References[]
- ^ a b "[Standards] NEW: XEP-0384 (OMEMO Encryption)". 2016-12-07. Retrieved 2016-12-23.
- ^ Daniel Gultsch. "OMEMO Multi-End Message and Object Encryption". Retrieved 2015-11-23.
- ^ "OMEMO Multi-End Message and Object Encryption". conversations.im. Retrieved 2019-01-22.
- ^ "ChatSecure iOS v3.2.3 - XMPP Push". 2016-07-25. Retrieved 2016-09-07.
- ^ "ChatSecure v4.0 - OMEMO and Signal Protocol". 2017-01-17. Retrieved 2017-02-07.
- ^ Bahtiar Gadimov (2015-12-26). "Initial OMEMO commit". dev.gajim.org. Retrieved 2017-09-08.
- ^ OMEMO: Cryptographic Analysis Report. June 2016
- ^ "Are we OMEMO yet?". Are we OMEMO yet?. Retrieved 2019-01-22.
- ^ a b "BeagleIM and SiskinIM just got OMEMO support". tigase.net. Retrieved 2019-06-07.
- ^ "ChatSecure v4.0 - OMEMO and Signal Protocol". chatsecure.org. Retrieved 2017-01-17.
- ^ "XEP-0384: OMEMO Encryption · Issue #497 · conversejs/converse.js". GitHub. Retrieved 2019-11-20.
- ^ "Dino - Modern Jabber/XMPP Client using GTK+/Vala". dino.im. Retrieved 2017-11-06.
- ^ Bahtiar Gadimov; et al. "Omemogajimplugin · Wiki · gajim / gajim-plugins · GitLab". Retrieved 2016-12-04.
- ^ "End to end encryption in Movim - OMEMO is (finally) there!". mov.im. Retrieved 2021-12-15.
- ^ Vyacheslav Karpukhin. "OMEMO for Psi · GitHub". Retrieved 2018-03-04.
- ^ Vyacheslav Karpukhin. "Psi+ snapshots". Retrieved 2018-03-04.
- ^ Richard Bayerle. "lurch - OMEMO for libpurple". Retrieved 2017-02-12.
- ^ Olivier Mehani. "Lurch4Adium - OMEMO Xtra for Adium". Retrieved 2017-06-08.
- ^ René Calles. "profanity-omemo-plugin: A Python plugin to use (axolotl / Signal Protocol) encryption for the profanity XMPP messenger". Retrieved 2017-01-10.
- ^ Schaub, Paul (6 June 2017). "Ignite Realtime Blog: Smack v4.2 Introduces OME... | Ignite Realtime". community.igniterealtime.org. Retrieved 2017-07-11.
- ^ "Robbiehanson/XMPPFramework". 26 October 2021.
- ^ "Robbiehanson/XMPPFramework". 26 October 2021.
- ^ "SignalProtocolObjC". 30 January 2021.
External links[]
- Homepage
- XEP-0384: OMEMO Encryption (Experimental)
- Python library for implementing OMEMO in other clients
- OMEMO protocol implementation in C
- OMEMO Top - OMEMO support toplist in instant message clients
| Email clients | |||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Secure communication |
| ||||||||||||||
| Disk encryption (Comparison) | |||||||||||||||
| Anonymity | |||||||||||||||
| File systems (List) | |||||||||||||||
| Security-focused operating system |
| ||||||||||||||
| Service providers | |||||||||||||||
| Educational | |||||||||||||||
| Related topics | |||||||||||||||
| |||||||||||||||
- Free security software
- Cryptographic protocols
- Internet privacy software
- Instant messaging
- XMPP